Man page - binwalk(1)

Packages contains this manual

Manual

BINWALK

NAME
SYNOPSIS
DESCRIPTION
Signature Scan Options:
Extraction Options:
Entropy Options:
Binary Diffing Options:
Raw Compression Options:
General Options:

NAME

binwalk - tool for searching binary images for embedded files and executable code

SYNOPSIS

binwalk [ OPTIONS ] [ FILE1 ] [ FILE2 ] [ FILE3 ] ...

DESCRIPTION

Binwalk v2.3.2+dcb1403 Craig Heffner, ReFirmLabs https://github.com/ReFirmLabs/binwalk

Signature Scan Options:

-B , --signature

Scan target file(s) for common file signatures

-R , --raw= <str>

Scan target file(s) for the specified sequence of bytes

-A , --opcodes

Scan target file(s) for common executable opcode signatures

-m , --magic= <file>

Specify a custom magic file to use

-b , --dumb

Disable smart signature keywords

-I , --invalid

Show results marked as invalid

-x , --exclude= <str>

Exclude results that match <str>

-y , --include= <str>

Only show results that match <str>

Extraction Options:

-e , --extract

Automatically extract known file types

-D , --dd= <type[:ext[:cmd]]>

Extract <type> signatures (regular expression), give the files an extension of <ext>, and execute <cmd>

-M , --matryoshka

Recursively scan extracted files

-d , --depth= <int>

Limit matryoshka recursion depth (default: 8 levels deep)

-C , --directory= <str>

Extract files/folders to a custom directory (default: current working directory)

-j , --size= <int>

Limit the size of each extracted file

-n , --count= <int>

Limit the number of extracted files

-r , --rm

Delete carved files after extraction

-z , --carve

Carve data from files, but don’t execute extraction utilities

-V , --subdirs

Extract into sub-directories named by the offset

Entropy Options:

-E , --entropy

Calculate file entropy

-F , --fast

Use faster, but less detailed, entropy analysis

-J , --save

Save plot as a PNG

-Q , --nlegend

Omit the legend from the entropy plot graph

-N , --nplot

Do not generate an entropy plot graph

-H , --high= <float>

Set the rising edge entropy trigger threshold (default: 0.95)

-L , --low= <float>

Set the falling edge entropy trigger threshold (default: 0.85)

Binary Diffing Options:

-W , --hexdump

Perform a hexdump / diff of a file or files

-G , --green

Only show lines containing bytes that are the same among all files

-i , --red

Only show lines containing bytes that are different among all files

-U , --blue

Only show lines containing bytes that are different among some files

-u , --similar

Only display lines that are the same between all files

-w , --terse

Diff all files, but only display a hex dump of the first file

Raw Compression Options:

-X , --deflate

Scan for raw deflate compression streams

-Z , --lzma

Scan for raw LZMA compression streams

-P , --partial

Perform a superficial, but faster, scan

-S , --stop

Stop after the first result

General Options:

-l , --length= <int>

Number of bytes to scan

-o , --offset= <int>

Start scan at this file offset

-O , --base= <int>

Add a base address to all printed offsets

-K , --block= <int>

Set file block size

-g , --swap= <int>

Reverse every n bytes before scanning

-f , --log= <file>

Log results to file

-c , --csv

Log results to file in CSV format

-t , --term

Format output to fit the terminal window

-q , --quiet

Suppress output to stdout

-v , --verbose

Enable verbose output

-h , --help

Show help output

-a , --finclude= <str>

Only scan files whose names match this regex

-p , --fexclude= <str>

Do not scan files whose names match this regex

-s , --status= <int>

Enable the status server on the specified port