jholowczak-cb edited this page Jul 15, 2019 · 9 revisions

Setup

Docker

For ease of use, we provide a Dockerfile for getting started with Binee quickly. It also gives us a reproducible environment for testing Binee, which makes it easier to debug across differing host systems. We recommend using this Dockerfile if you are contributing to Binee.

To build the container, run the following docker command within the root of the Binee repo:

docker build -t binee .

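To run your newly built Docker container, use the following command, replacing <path to malware directory> with the host directory that holds your samples:

docker run -it -v $PWD:/trml/go/src/binee -v <path to malware directory>:/malware binee bash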

From here all that's left is to get the dependencies for the project and build binee.

root@2b0fee41629f:~/go/src/binee# go get
root@2b0fee41629f:~/go/src/binee# go build

Now we can run binee in our container!

root@2b0fee41629f:~/go/src/binee# ./binee -v
usage ./binee [-aAhvveis] [FILE] [ARGS]
  -a <apiset dll name>     Returns the real dll name given an apiset dll
  -A                       List all apisets and their mappings
  -c FILE                  Path to a configuration file
  -d                       Show dll names with function in output
  -e FILE                  List file exports
  -h                       Show this usage menu
  -i FILE                  List file imports
  -j                       Output as JSON
  -l                       Run full DllMain of imported functions with debug output
  -s                       Run application through binee debugger
  -v[v]                    Verbosity level, two v's for more verbose

Binee cannot start emulating binaries until we set up the mock operating system.

Setting up the mock Operating System
