Binwalk

#Security Testing#Malware Analysis

A tool for reading Portable Executable (PE) files with detailed information about the file structure.

Binwalk: A Fast and User-Friendly Tool for Firmware Analysis

Binwalk is a fast and easy-to-use tool designed for analyzing, reverse engineering, and extracting firmware images.

Before Binwalk version 2.3.3, extracted archives could create symbolic links (symlinks) that pointed to any location on the file system. This posed a risk of directory traversal attacks if subsequent extraction utilities followed these symlinks without proper checks.

Binwalk utilizes several third-party extraction tools, some of which may have unresolved security vulnerabilities. Starting from Binwalk version 2.3.3, external extraction tools can be executed as an unprivileged user by using the --run-as command line option; however, this requires Binwalk itself to be run with root privileges. Furthermore, Binwalk version 2.3.3 and later will not allow extraction as the root user unless the --run-as=root option is specified.

Although many major Linux distributions still ship Python 2.7 as the default interpreter in their stable releases, Binwalk has transitioned to exclusively support Python 3.
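As an added example (not Binwalk's own code, and not how Binwalk 2.3.3 implements its fix), the following Python sketch audits an extraction directory for symlinks that resolve outside it, the condition behind the directory traversal risk described above. The function names and the sample tree are assumptions constructed for illustration.

```python
import os
import tempfile


def find_escaping_symlinks(extract_root):
    """Return sorted (link_path, resolved_target) pairs for every symlink
    under extract_root whose target resolves outside extract_root."""
    root = os.path.realpath(extract_root)
    escaping = []
    # followlinks=False: never descend through a symlinked directory.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        # Symlinks to directories show up in dirnames, all others in filenames.
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            if not os.path.islink(path):
                continue
            # realpath resolves relative targets, ".." segments and link
            # chains; it also works for dangling links.
            target = os.path.realpath(path)
            if os.path.commonpath([root, target]) != root:
                escaping.append((path, target))
    return sorted(escaping)


def build_sample_tree(base):
    """Constructed sample: an extracted-firmware-like tree with one link
    that stays inside the tree and two that point outside it."""
    root = os.path.join(base, "_firmware.bin.extracted")
    fs = os.path.join(root, "squashfs-root")
    os.makedirs(os.path.join(fs, "etc"))
    os.makedirs(os.path.join(fs, "bin"))
    open(os.path.join(fs, "bin", "busybox"), "w").close()
    os.symlink("busybox", os.path.join(fs, "bin", "sh"))           # stays inside
    os.symlink("/etc/passwd", os.path.join(fs, "etc", "passwd"))   # absolute target
    os.symlink("../../../outside", os.path.join(fs, "etc", "up"))  # relative traversal
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        for link, target in find_escaping_symlinks(build_sample_tree(base)):
            print(f"symlink leaves extraction root: {link} -> {target}")
```

Run a check of this kind on extraction output before handing the directory to any tool that follows symlinks.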