Blint

BLint is a Binary Linter to check executable binaries' security properties and capabilities.

Supported binary formats:

• ELF (GNU, musl)
• PE (exe, dll)
• Mach-O (x64, arm64)

You can run blint on Linux, Windows, and Mac against all these binary formats.

Use cases

• Quickly identify malicious binaries by looking at their capabilities (Ability to manipulate networks or drivers or kernels)
• Add blint to CI/CD to inspect the final binaries to ensure code signing or authenticode is applied correctly
• Identify interesting functions and symbols for fuzzing.