↓ download on github


Binwalk is a fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.

Installation and Usage

More information on https://github.com/ReFirmLabs/binwalk/wiki

Quick start


Binwalk follows the standard Python installation procedure:

$ sudo python setup.py install

If you’re running Python 2.x, installing the optional Python lzma module is strongly recommended (but not required):

$ sudo apt-get install python-lzma

For instructions on installing other optional dependencies, see https://github.com/ReFirmLabs/binwalk/blob/master/INSTALL.md.


Basic usage is simple:

$ binwalk firmware.bin
0             0x0             TRX firmware header, little endian, header size: 28 bytes, image size: 14766080 bytes, CRC32: 0x6980E553 flags: 0x0, version: 1
28            0x1C            LZMA compressed data, properties: 0x5D, dictionary size: 65536 bytes, uncompressed size: 5494368 bytes
2319004       0x23629C        Squashfs filesystem, little endian, version 4.0, compression: xz, size: 12442471 bytes, 3158 inodes, blocksize: 131072 bytes, blocksize: 131072 bytes, created: 2014-05-21 22:38:47

For additional examples and descriptions of advanced options, see the https://github.com/ReFirmLabs/binwalk/wiki.

Tools Forensic