3.1.0 release

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "binsec"
-description = "Swiss Army Knife for Binary (In)Security"
+description = "Binary (In)Security tool"
 
 authors = ["ex0dus-0x <ex0dus@codemuch.tech>"]
 license = "MIT"
@@ -9,20 +9,25 @@ homepage = "https://github.com/ex0dus-0x/binsec"
 repository = "https://github.com/ex0dus-0x/binsec"
 readme = "README.md"
 
-version = "3.0.0"
-edition = "2018"
+version = "3.1.0"
+edition = "2021"
 
 [profile.release]
 opt-level = 'z'
 lto = true
 
 [dependencies]
-clap = "2.33"
-goblin = "0.4.0"
+clap = { version = "4.5.4", features = ["derive"] }
+goblin = "0.8.1"
 byte-unit = "4.0.10"
 chrono = "0.4"
-
-yara = "0.9.0"
+thiserror = "1.0.59"
+regex = "1.10.4"
 
 serde_json = "1.0"
 serde = { version = "1.0", features = ["derive"] }
+
+yara-x = { version = "0.3.0", optional = true }
+
+[features]
+advanced_scan = ["dep:yara-x"]

LICENSE.md

@@ -1,4 +1,4 @@
-Copyright 2020 Alan Cao <alan [at] codemuch.tech>
+Copyright 2024 <ex0dus [at] codemuch.tech>
 
 Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
 

README.md

@@ -9,27 +9,22 @@
 [crates-binsec-badge]: https://img.shields.io/crates/v/binsec.svg
 [crates-binsec]: https://crates.io/crates/binsec
 
-Swiss Army Knife for Binary (In)security
+Binary (In)security tool
 
-__binsec__ is a minimal static analysis utility for detecting security capabilities in ELF/PE/Mach-O executables. It's useful
-for reverse engineers and vulnerability researchers to gain quick and deeper insights into binary artifacts, 
-build fast detection pipelines, and improve overall binary analysis.
+__binsec__ is a minimal static analysis utility for detecting security mitigations in ELF/PE/Mach-O executables.
 
 ## Features
 
-* Cross-platform, supports robust checks for ELF/PE/Mach-Os while running on any host.
-* Backends [libgoblin](https://github.com/m4b/goblin) for efficient and cross-platform binary parsing.
-* JSON serializable for storage/logging consumption.
-* Small and ast: final release build is ~2.44Mb, with analysis done in 30ms.
-
-### Static Analysis Checks
+* Supports ELF, PE and Mach-Os
+* Backends [libgoblin](https://github.com/m4b/goblin) for binary parsing
+* JSON serialization
+* Small release builds at ~2.2Mb, with analysis done in 30ms.
 
 The project currently supports static detection for a variety of executable checks:
 
 * __Compilation Features__ - insights about how the executable was compiled, and runtimes used in that process.
 * __Exploit Mitigations__ - OS-supported binary hardening features used to limit exploitation and priviledge escalation.
 * __Dynamic Instrumentation__ - detects any known instrumentation frameworks used for dynamic analysis and/or profiling.
-* __Anti-Analysis (WIP)__ - noticeable anti-analysis checks employed to mitigate reverse engineering.
 
 ## Usage
 
@@ -43,23 +38,22 @@ Using the application is meant to be very simple. Given any binary executable yo
 simply pass it in as a positional argument:
 
 ```
-$ binsec -- ./suspicious
+$ binsec -- ./ctf_chal
 ```
 
 `binsec` output can also be serialized into JSON:
 
 ```
 # print to stdout
-$ binsec --json - -- ./suspicious
+$ binsec --json - -- ./ctf_chal
 
 # print to path
-$ binsec --json report.json -- ./suspicious
+$ binsec --json report.json -- ./ctf_chal
 ```
 
 ## Contributing
 
-This is something that is continually being developed! You can contribute by catching issues and bugs
-and submitting them through the [issue tracker](https://github.com/ex0dus-0x/binsec/issues) or making a pull request!
+You can contribute by catching issues and bugs and submitting them through the [issue tracker](https://github.com/ex0dus-0x/binsec/issues) or making a pull request!
 
 ## License