GrammaTech introduced CodeSonar for Binaries, which is a static-analysis tool for analyzing binary libraries and executables. The tool enables engineers to examine software for security vulnerabilities and malicious code, without the need for source code. CodeSonar for Binaries makes it easy to examine large executables rapidly. In addition, the tool is fully integrated with GrammaTech’s source-code analysis technology. This helps developers to analyze projects that are a combination of source and binary code.
CodeSonar for Binaries does not rely on debug or symbol-table information. The tool examines the stripped executables normally shipped by software vendors. As a result, engineers can use CodeSonar for Binaries to perform a security analysis on software without any cooperation from the vendor.
GrammaTech CodeSonar for Binaries enables engineers to perform a security audit on executables. The tool analyzes the software that users actually run — the specific machine code to be run on the processor. As a result, CodeSonar for Binaries can detect problems introduced not only by programmers, but also by the compiler and other tools in the development chain.
More info: GrammaTech CodeSonar Binary Analysis