What BinaryLens is for
BinaryLens is a Windows desktop triage tool for suspicious files, URLs, hostnames, and raw IP targets.
The goal is not to make a final verdict for you. The goal is to shorten the first pass and make the next decision easier.
A good way to think about it is this:
- give the app the target
- let it gather the signals that fit that target type
- read the report
- decide whether the case deserves a deeper manual step
Which package should you pick?
Installer
Use the installer if you want the most normal setup path.
It is the better default when you only want to run the current public build without thinking about the source tree.
Typical flow:
- download
BinaryLens-Setup.exe - install the app
- launch BinaryLens normally from Windows
Portable
Use the portable package if you prefer an extract-and-run layout.
Typical flow:
- download
BinaryLens-Portable-v1.1.0.zip - extract the folder somewhere you want to keep it
- run
BinaryLensQt.exe
What the packaged build already gives you
The public release is meant to be runnable without a separate Qt setup step.
That means the packaged build is there for people who want to try the app first and only worry about the source build later.
What to expect from the first pass
Depending on the target, BinaryLens can surface things like:
- hash information
- PE and import context
- archive inventory details
- embedded payload hints
- YARA matches
- VirusTotal lookups when configured
- network ownership and infrastructure context for URL / IP work
What it does not replace
BinaryLens is still not a replacement for:
- a sandbox
- an EDR
- deep manual reverse engineering
- high-confidence incident response tooling
That limit is part of the point. The tool is strongest when it improves the first checkpoint instead of pretending to be the whole investigation.