Binwalk v1.0, Now With Python!

Binwalk 1.0 has just been released and has been completely re-written as a Python module. This means that not only does it feature smarter scanning and signature processing features that were much, much easier to implement in Python, but it is now fully scriptable.

Aside from a few new options (and the removal of a few depreciated ones), the command line usage is pretty much the same. My personal favorite options to pass to binwalk are ‘-re’, which besides being a reference to reverse engineering, will attempt to extract data from the target file and clean up after itself (very handy for when there are a lot of false positive LZMA files extracted!):

$ binwalk -re firmware.bin

Scripting with binwalk is pretty straight forward. To perform a simple scan (equivalent to running binwalk with no command line options):

import pprint
from binwalk import Binwalk

binwalk = Binwalk()
pprint.PrettyPrinter().pprint(binwalk.scan('firmware.bin'))
binwalk.cleanup()

Check out the wiki for more command line usage and API examples.