zynamics BinDiff Malware Analysis Software
BinDiff 3.0 released!
New in Version 3.0:
- Big change: New internal diff engine that produces more detailed and more accurate results
- Fixed an edge-layout bug that led to improperly connected basic blocks
- Improved HTML report generation
- Removed configuration dialog from IDA plugin. The plugin configuration can be changed via its XML-based configuration file
- Added menu items to IDA to allow for a global hotkey and fast access to subviews
- New statistics subview
zynamics BinDiff v3.0 is significantly faster than previous versions and is now bundled with an easy-to-use UI, which allows less experienced reverse engineers to analyse code quickly and boosts the productivity of more experienced analysts. The speed improvements allow for the analysis of even the largest patches, giving users equipped with little more than a laptop and IDA the ability to deal with router images.
zynamics BinDiff allows you to:
- Identify identical and similar functions in different binaries
- Port function names, anterior and posterior comment lines, standard comments and local names from one disassembly to the other
- Detect & highlight changes between two variants of the same function
zynamics BinDiff can analyze executables compiled for the following architectures:
- x86
- MIPS
- AVR
- PA-RISC
- SPARC
- PowerPC
- ...or any other architecture IDA supports (experimental)
The biggest improvements are:
- Higher comparison speed
- Greater accuracy for functions which change only in the structure of the graph, not in the number of nodes/edges
- Much greater accuracy on the instruction level comparison
- A new and improved symmetric UI, bringing all the convenience of 'regular' source-code based diffing to the reverse engineering world for the first time