Security News > 2024 > May > BLint: Open-source tool to check the security properties of your executables
![BLint: Open-source tool to check the security properties of your executables](/static/build/img/news/blint-open-source-tool-to-check-the-security-properties-of-your-executables-medium.jpg)
BLint is a Binary Linter designed to evaluate your executables' security properties and capabilities, utilizing LIEF for its operations.
From version 2, BLint can also produce Software Bill-of-Materials for compatible binaries.
"Several source code analysis tools can examine a code repository and generate an SBOM. But what about a binary executable, where the code repository may not be available and the executable is the only artifact to work with? Enter BLint, which aids in generating an SBOM for a binary executable. Creating BLint as open source and adopting it into the OWASP family means that it will be available to all and will grow and evolve," Tim Messing, Application Security Engineer at Universal Music Group and one of the developers, told Help Net Security.
Messing explained that static analysis of binaries is often underutilized in identifying malicious and/or vulnerable software.
Roid ELF PE Mach-O. You can run BLint on Linux, Windows, and Mac against these binary formats.
Future plans and download. Caroline Russell, Staff Security Engineer at AppThreat, told us the team wants to keep BLint relatively minimal and lightweight.
News URL
https://www.helpnetsecurity.com/2024/05/14/blint-open-source-check-security-properties-executables/
Related news
- Establishing a security baseline for open source projects (source)
- OWASP dep-scan: Open-source security and risk audit tool (source)
- Open-source security in AI (source)
- Enhancing security through collaboration with the open-source community (source)
- SELKS: Open-source Suricata IDS/IPS, network security monitoring, threat hunting (source)
- Cilium: Open-source eBPF-based networking, security, observability (source)
- Zeek: Open-source network traffic analysis, security monitoring (source)