Cybersecurity-Projects/PROJECTS/intermediate/binary-analysis-tool/README.md

4.1 KiB

 █████╗ ██╗  ██╗██╗   ██╗███╗   ███╗ ██████╗ ██████╗ ████████╗███████╗███╗   ███╗
██╔══██╗╚██╗██╔╝██║   ██║████╗ ████║██╔═══██╗██╔══██╗╚══██╔══╝██╔════╝████╗ ████║
███████║ ╚███╔╝ ██║   ██║██╔████╔██║██║   ██║██████╔╝   ██║   █████╗  ██╔████╔██║
██╔══██║ ██╔██╗ ██║   ██║██║╚██╔╝██║██║   ██║██╔══██╗   ██║   ██╔══╝  ██║╚██╔╝██║
██║  ██║██╔╝ ██╗╚██████╔╝██║ ╚═╝ ██║╚██████╔╝██║  ██║   ██║   ███████╗██║ ╚═╝ ██║
╚═╝  ╚═╝╚═╝  ╚═╝ ╚═════╝ ╚═╝     ╚═╝ ╚═════╝ ╚═╝  ╚═╝   ╚═╝   ╚══════╝╚═╝     ╚═╝

Cybersecurity Projects Rust React TypeScript License: AGPLv3 Docker Live Demo

Static binary analysis engine with multi-format parsing, YARA scanning, x86 disassembly, and MITRE ATT&CK threat scoring.

This is a quick overview — security theory, architecture, and full walkthroughs are in the learn modules.

What It Does

  • Multi-format binary parsing (ELF, PE, Mach-O) with section analysis and import table extraction
  • YARA rule scanning with 14 built-in detection rules for malware, packers, and crypto patterns
  • x86/x86_64 disassembly with control flow graph generation from entry points and symbol tables
  • Shannon entropy analysis for detecting packed or encrypted sections
  • 8-category threat scoring system (max 100 points) with MITRE ATT&CK technique mapping
  • Pass-based analysis pipeline with topological ordering and dependency resolution

Quick Start

docker compose up -d

Visit http://localhost:22784

[!TIP] This project uses just as a command runner. Type just to see all available commands.

Install: curl -sSf https://just.systems/install.sh | bash -s -- --to ~/.local/bin

Stack

Backend: Rust, Axum, goblin, iced-x86, yara-x, SQLx, PostgreSQL

Frontend: React 19, TypeScript, Vite, TanStack Query, Zustand, Zod, SCSS Modules

Infra: Docker Compose, Nginx, PostgreSQL 18

Learn

This project includes step-by-step learning materials covering security theory, architecture, and implementation.

Module Topic
00 - Overview Prerequisites and quick start
01 - Concepts Security theory and real-world breaches
02 - Architecture System design and data flow
03 - Implementation Code walkthrough
04 - Challenges Extension ideas and exercises

License

AGPL 3.0