BLint is a Binary Linter designed to evaluate your executables’ security properties and capabilities, utilizing LIEF for its operations. From version 2, BLint can also produce Software Bill-of-Materials (SBOM) for compatible binaries.
“Several source code analysis tools can examine a code repository and generate an SBOM. But what about a binary executable, where the code repository may not be available and the executable is the only artifact to work with? Enter BLint, which aids in generating an SBOM for a binary executable. Creating BLint as open source and adopting it into the OWASP family means that it will be available to all and will grow and evolve,” Tim Messing, Application Security Engineer at Universal Music Group and one of the developers, told Help Net Security.
Messing explained that static analysis of binaries is often underutilized in identifying malicious and/or vulnerable software.
You can run BLint on Linux, Windows, and Mac against these binary formats.
Caroline Russell, Staff Security Engineer at AppThreat, told us the team wants to keep BLint relatively minimal and lightweight. They are looking at adding the following capabilities:
1. Detecting libraries dynamically loaded during runtime
2. Offering a deep mode that will list symbols within static libraries.
3. Add additional annotations and refine existing ones.
4. Add CycloneDx 1.6 support for the SBOM feature.