BinDiff

zynamics BinDiff uses a unique graph-theoretical approach to compare executables
by identifying identical and similar functions
Description

BinDiff is a comparison tool for binary files, that assists vulnerability researchers and engineers to quickly find differences and similarities in disassembled code.

With BinDiff you can identify and isolate fixes for vulnerabilities in vendor-supplied patches. You can also port symbols and comments between disassemblies of multiple versions of the same binary or use BinDiff to gather evidence for code theft or patent infringement.
Use Cases
  • Compare binary files for x86, MIPS, ARM, PowerPC, and other architectures supported by IDA Pro
  • Identify identical and similar functions in different binaries
  • Port function names, anterior and posterior comment lines, standard comments and local names from one disassembly to the other
  • Detect and highlight changes between two variants of the same function

To learn more about the features of BinDiff, you can download the BinDiff Manual.
Screenshots
BinDiff_Screen1

Screenshot 1: Changed functions are displayed in an easy-to-understand symmetric layout

BinDiff_Screen2

Screenshot 2: Changes in instructions are shown in yellow, new instructions are shown in red

BinDiff_Screen3

Screenshot 3: Linear disassembly style