Binary Ninja (Binja)

Binary Ninja (BN) is a cross-platform reversing platform that combines:

  • an interactive disassembler,
  • a decompiler, and
  • a debugger

It runs on macOS (as well as Windows and Linux) and supports Mach-O binaries (including universal/fat binaries with multiple architectures).

Binja on macOS

For folks experienced with macOS internals (I have sections on this) but new to BN, the initial setup is straightforward. You can download the macOS Binary Ninja application (a DMG) and drag it to /Applications.

Launching BN presents a “New Tab” where you can open a Mach-O binary. If the file is a universal binary, BN will prompt you to choose which architecture slice to analyze (e.g. x86_64 or arm64). By default, BN fully disassembles and even decompiles the binary (into BN’s HLIL, high-level IL) as part of its initial analysis, giving a linear decompilation view of the entire Mach-O file automatically.

  • copied /bin/ls to ~/binja-ls

What is each of these options?


The default options in Binary Ninja’s “Open with Options” dialog are safe to use for analyzing a standard Mach-O binary. The tool automatically selects the correct architecture (e.g., x86_64) from a universal binary and sets the entry point offset (where execution begins). It also assigns a default image base address (0x100000000) to simulate how the OS loads the binary into virtual memory, ensuring accurate address references during disassembly and analysis.

The platform is chosen based on the binary’s architecture, and the section descriptions (e.g., __bss, __data, __cstring) define memory segments and their permissions, which Binja handles automatically. Unless you’re doing advanced manual mapping or custom loading, there’s no need to modify these defaults.
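To cross-check what the dialog reports, the same three values (architecture slices, entry point offset, image base) can be read straight from the Mach-O headers. This is an added example, not part of the original notes or Binary Ninja's own code; it assumes the dialog's values correspond to LC_MAIN's entryoff and the __TEXT segment's vmaddr, and the sample file and helper names are constructed for illustration.

```python
import struct

FAT_MAGIC, MH_MAGIC_64, LC_SEGMENT_64, LC_MAIN = 0xCAFEBABE, 0xFEEDFACF, 0x19, 0x80000028
CPU = {0x01000007: "x86_64", 0x0100000C: "arm64"}

def slices(data):
    """Return [(arch, offset, size)] for each slice of a universal (fat) file."""
    if struct.unpack_from(">I", data)[0] != FAT_MAGIC:   # fat headers are big-endian
        return [("thin", 0, len(data))]                  # thin file: the whole file is one slice
    out = []
    for i in range(struct.unpack_from(">I", data, 4)[0]):
        cpu, _sub, off, size, _align = struct.unpack_from(">5I", data, 8 + 20 * i)
        if off + size > len(data):
            raise ValueError("slice extends past end of file")
        out.append((CPU.get(cpu, hex(cpu)), off, size))
    return out

def base_and_entry(macho):
    """Return (__TEXT vmaddr, LC_MAIN entryoff) for one thin 64-bit slice."""
    magic, _cpu, _sub, _type, ncmds, _size, _flags, _rsv = struct.unpack_from("<8I", macho)
    if magic != MH_MAGIC_64:
        raise ValueError("not a 64-bit little-endian Mach-O slice")
    base, entry, pos = None, None, 32                    # 32 = sizeof(struct mach_header_64)
    for _ in range(ncmds):
        cmd, cmdsize = struct.unpack_from("<2I", macho, pos)
        if cmdsize < 8 or pos + cmdsize > len(macho):
            raise ValueError("malformed load command")
        if cmd == LC_SEGMENT_64 and macho[pos + 8:pos + 24].rstrip(b"\0") == b"__TEXT":
            base = struct.unpack_from("<Q", macho, pos + 24)[0]   # segment vmaddr
        elif cmd == LC_MAIN:
            entry = struct.unpack_from("<Q", macho, pos + 8)[0]   # offset from start of __TEXT
        pos += cmdsize
    return base, entry

def sample_slice(cpu, entryoff):
    """Constructed input: Mach-O header, __TEXT at 0x100000000 and LC_MAIN; no code bytes."""
    seg = struct.pack("<2I16s4Q4I", LC_SEGMENT_64, 72, b"__TEXT", 0x100000000, 0x4000, 0, 0x4000, 5, 5, 0, 0)
    main = struct.pack("<2I2Q", LC_MAIN, 24, entryoff, 0)
    return struct.pack("<8I", MH_MAGIC_64, cpu, 0, 2, 2, 96, 0, 0) + seg + main

def sample_fat():
    """Constructed two-slice universal file (x86_64 + arm64); offsets are not page-aligned."""
    a, b = sample_slice(0x01000007, 0x3A80), sample_slice(0x0100000C, 0x3B40)
    return struct.pack(">12I", FAT_MAGIC, 2, 0x01000007, 3, 48, len(a), 0,
                       0x0100000C, 0, 48 + len(a), len(b), 0) + a + b

if __name__ == "__main__":
    for arch, off, size in slices(fat := sample_fat()):
        print(arch, [hex(v) for v in base_and_entry(fat[off:off + size])])
```

To run it against a real file such as the ~/binja-ls copy, pass the file's bytes to slices() in place of sample_fat(); the virtual address of the entry point is the returned base plus entryoff.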
