The Problem Nobody Talks About
When an LLM writes C code and you compile it, how do you know the resulting binary actually came from that source?
You ask GPT-4 for a C library. It gives you code. You compile it. You ship the .so file to production. But what if the LLM subtly modified the code? What if a compromised context window injected extra behavior? What if the compilation environment itself was tampered with?
Traditional tools (SHA256 checksums, GPG signatures) verify integrity — but they do not verify provenance. A binary can be byte-identical to a known-good build and still be wrong.
That is the gap BinScope fills.
What BinScope Does
BinScope is a zero-dependency Python tool that gives you:
- SHA256 hash of the binary (cryptographic fingerprint)
- Entropy profile — detect compressed or encrypted payloads embedded in the binary
-
Section map —
.text,.data,.rodata,.bsswith sizes and entropies - Symbol audit — exported and imported functions
- Trust score — 0–100 with reasoning
- Diff mode — compare two binaries side by side
Install
pip install binscope
Or from source:
git clone https://github.com/AmSach/BinScope
cd BinScope
pip install -e .
Quick Example
binscope analyze ./my-awesome-lib.so
Output:
=== BinScope Report ===
File: ./my-awesome-lib.so
SHA256: a3f2e8...9c1d
Size: 245760 bytes (240.0 KB)
Type: ELF64 x86-64
Entropy: 6.8421 (normal .text section)
Sections:
.text 188416 6.91 entropy [RX]
.data 32768 7.23 entropy [RW]
.rodata 16384 3.12 entropy [R]
.bss 8192 0.00 entropy [RW]
Exports: 12 functions
Imports: 8 libraries, 24 symbols
Trust: HIGH (85/100)
How Entropy Detection Works
Shannon entropy measures information density. Normal compiled code has entropy around 6-7 bits/byte — predictable patterns in .text, zero-filled .bss.
Anomalies:
- >7.5 entropy — possible compressed or packed payload
- >8.0 entropy — likely encrypted section or obfuscated code
- Non-zero .bss — uninitialized data that should be zero
The implementation is a tight 30-line function:
import math
from collections import Counter
def calculate_entropy(data):
if not data:
return 0.0
counter = Counter(data)
length = len(data)
entropy = 0.0
for count in counter.values():
p = count / length
entropy -= p * math.log2(p)
return entropy
Comparing Binaries
When you suspect an LLM-modified build:
binscope diff ./original.so ./post-modification.so
Shows you exactly what changed — size delta, entropy shift, symbol diff.
Python API
from binscope import BinScope
scope = BinScope("path/to/binary")
result = scope.analyze()
print(f"SHA256: {result.sha256}")
print(f"Entropy: {result.entropy:.4f}")
print(f"Suspicious: {result.suspicious}")
report = scope.trust_report()
print(report.summary)
Why This Matters for LLM Workflows
As more teams ship LLM-generated C/C++/Rust code to production, the binary-to-source trust gap is a real attack surface. BinScope is a small, stdlib-only tool that gives you quick, defensible evidence — not a full static analyzer, not a reverse engineering suite, just a fast "is this thing sane?" check you can run in CI.
Requirements
- Python 3.10+
- Zero external dependencies (pure stdlib)
- Works on ELF64, ELF32, and Mach-O
License
MIT — https://github.com/AmSach/BinScope
If you find a binary that BinScope flags as suspicious and you want to share, open an issue with the report. I am collecting entropy profiles of real-world malware samples to improve detection thresholds.
Top comments (0)