winchecksec
winchecksec
- 作用:Windows静态安全检测工具
- 支持检测如下
安全特性
ASLR
/DYNAMICBASE
with stripped relocation entries edge-case
/HIGHENTROPYVA
for 64-bit systems
Code integrity/signing:
/INTEGRITYCHECK
- Authenticode-signed with a valid (trusted, active) certificate (currently unsupported on Linux)
DEP
Manifest isolation
SEH
和SafeEH
SEH
=Structured Exception Handling
Control Flow Guard
和Return Flow Guard instrumentation
Stack cookie
- 资料
- Github
- trailofbits/winchecksec: Checksec, but for Windows: static detection of security mitigations in executables