Google has released its popular BinDiff patch analysis plug-in for free, dropping its previous US$200 price tag.
The tool is loved among security engineers who find it useful when analysing vendor patches and comparing binaries.
Freeing the tool will help alleviate the cost of patch and malware analysis for independent researchers and those organisations formerly required to purchase expensive enterprise licences.
Software engineer Christian Blichmann says Google uses BinDiff in its own malware analysis.
"At Google, the BinDiff core engine powers a large-scale malware processing pipeline helping to protect both internal and external users," Blichmann says.
"BinDiff provides the underlying comparison results needed to cluster the world's malware into related families with billions of comparisons performed so far."
Google savaged the price of BinDiff since it acquired creator Zynamics in 2011, dropping the price from $US1170 for a single licence to a flat US$200.
The move to give it away is the "next logical step" Blichmann says.
Researchers will still need to buy a copy of IDA Pro to use the plugin which start at US$589 or nearly twice that for a professional licence.
The BinDiff tool allows hackers to:
- Compare binary files for x86, MIPS, ARM, PowerPC, and other architectures supported by IDA Pro;
- Identify identical and similar functions in different binaries;
- Port function names, anterior and posterior comment lines, standard comments and local names from one disassembly to the other;
- Detect and highlight changes between two variants of the same function.