DEV Community

Aman Sachan
Aman Sachan

Posted on

BinScope: Verify AI-Generated Binaries Are Actually What They Claim

The Problem Nobody Talks About

When an LLM writes C code and you compile it, how do you know the resulting binary actually came from that source?

You ask GPT-4 for a C library. It gives you code. You compile it. You ship the .so file to production. But what if the LLM subtly modified the code? What if a compromised context window injected extra behavior? What if the compilation environment itself was tampered with?

Traditional tools (SHA256 checksums, GPG signatures) verify integrity — but they do not verify provenance. A binary can be byte-identical to a known-good build and still be wrong.

That is the gap BinScope fills.

What BinScope Does

BinScope is a zero-dependency Python tool that gives you:

  • SHA256 hash of the binary (cryptographic fingerprint)
  • Entropy profile — detect compressed or encrypted payloads embedded in the binary
  • Section map.text, .data, .rodata, .bss with sizes and entropies
  • Symbol audit — exported and imported functions
  • Trust score — 0–100 with reasoning
  • Diff mode — compare two binaries side by side

Install

pip install binscope
Enter fullscreen mode Exit fullscreen mode

Or from source:

git clone https://github.com/AmSach/BinScope
cd BinScope
pip install -e .
Enter fullscreen mode Exit fullscreen mode

Quick Example

binscope analyze ./my-awesome-lib.so
Enter fullscreen mode Exit fullscreen mode

Output:

=== BinScope Report ===
File: ./my-awesome-lib.so
SHA256: a3f2e8...9c1d
Size: 245760 bytes (240.0 KB)
Type: ELF64 x86-64
Entropy: 6.8421 (normal .text section)

Sections:
  .text      188416  6.91 entropy  [RX]
  .data       32768  7.23 entropy  [RW]
  .rodata     16384  3.12 entropy  [R]
  .bss         8192  0.00 entropy  [RW]

Exports: 12 functions
Imports: 8 libraries, 24 symbols

Trust: HIGH (85/100)
Enter fullscreen mode Exit fullscreen mode

How Entropy Detection Works

Shannon entropy measures information density. Normal compiled code has entropy around 6-7 bits/byte — predictable patterns in .text, zero-filled .bss.

Anomalies:

  • >7.5 entropy — possible compressed or packed payload
  • >8.0 entropy — likely encrypted section or obfuscated code
  • Non-zero .bss — uninitialized data that should be zero

The implementation is a tight 30-line function:

import math
from collections import Counter

def calculate_entropy(data):
    if not data:
        return 0.0
    counter = Counter(data)
    length = len(data)
    entropy = 0.0
    for count in counter.values():
        p = count / length
        entropy -= p * math.log2(p)
    return entropy
Enter fullscreen mode Exit fullscreen mode

Comparing Binaries

When you suspect an LLM-modified build:

binscope diff ./original.so ./post-modification.so
Enter fullscreen mode Exit fullscreen mode

Shows you exactly what changed — size delta, entropy shift, symbol diff.

Python API

from binscope import BinScope

scope = BinScope("path/to/binary")
result = scope.analyze()

print(f"SHA256: {result.sha256}")
print(f"Entropy: {result.entropy:.4f}")
print(f"Suspicious: {result.suspicious}")

report = scope.trust_report()
print(report.summary)
Enter fullscreen mode Exit fullscreen mode

Why This Matters for LLM Workflows

As more teams ship LLM-generated C/C++/Rust code to production, the binary-to-source trust gap is a real attack surface. BinScope is a small, stdlib-only tool that gives you quick, defensible evidence — not a full static analyzer, not a reverse engineering suite, just a fast "is this thing sane?" check you can run in CI.

Requirements

  • Python 3.10+
  • Zero external dependencies (pure stdlib)
  • Works on ELF64, ELF32, and Mach-O

License

MIT — https://github.com/AmSach/BinScope

If you find a binary that BinScope flags as suspicious and you want to share, open an issue with the report. I am collecting entropy profiles of real-world malware samples to improve detection thresholds.

Top comments (0)