Bokken is a GUI for the Pyew and Radare projects so it offers almost all the same features that Pyew has and and some of the Radare's ones. It's intended to be a basic disassembler, mainly, to analyze malware and vulnerabilities.
Currently Bokken is neither an hexadecimal editor nor a full featured disassembler YET, so it should not be used for deep code analysis or to try to modify files with it.
- At the Installation wiki page you can find all the necessary information to set up Bokken for both supported platforms, Linux and Windows.
- Running Bokken explains how to start Bokken once installed.
- The PE/Elf section can be used as basic GUI overview.
- The GUI changes slightly depending on the target, here you have a wiki entry for each of them (with the corresponding screenshots):
- PE/ELF files can be analyzed in hexadecimal and disassembly formats and further information can be gained with the plugins.
- Web sites can also be analyzed for malware or security issues.
- PDF files are supported and some features can aid in its examination for malicious code.
- Finally all other files can be studied whether they are in binary or plain text format.
- If you wish to help, go to the development wiki to get started
For any doubt or question about the project visit the Contact page.
Bokken point release 1.6, Debian private repository
A month and a half after Bokken 1.5 we release Bokken 1.6 as a bugfix release, and we also offer for the first time a signed APT repository for Debian derivatives. See the blog post and spread the word!
Bokken 1.5 Debian/Ubuntu packages ready.
The packages for Debian/Ubuntu are ready and uploaded to Debian and Redmine.
Bokken 1.5 has been released!
We are very proud to announce that Bokken 1.5 has seen the light, finally. This is our best release so far!