A simple tool to verify the security properties of your binaries.
These properties can be enabled by your compiler to enforce the security of your executables, and mitigate exploits. However it can be challenging to apply them on a whole system.
Check the level of security your Linux distro / Windows release is providing you !
Supported formats:
-
ELF
-
PE
-
Mach-O
Based on:
- Rich: Beautiful terminal output formatting
- LIEF: Cross-platform library to parse, modify and abstract ELF, PE and Mach-O formats
You find the checksec.exe
on the latest Github releases:
python3 -m venv venv
source venv/bin/activate
(venv) pip install checksec.py
(venv) checksec <file_or_directory>...
Check --help
for more options (JSON output, recursive walk, workers count)
1️⃣ What's the difference between checksec.py
and checksec.sh
?
checksec.py | checksec.sh | |
---|---|---|
Cross-Platform support | ✔ | ❌ |
Distributed workload | ✔ | ❌ |
Scan file | ✔ | ✔ |
Scan directory | ✔ | ✔ |
Scan directory recursively | ✔ | ❌ |
Specify libc path | ✔ | ❌ |
Scan process | ❌ | ✔ |
Scan process libs | ❌ | ✔ |
Scan kernel config | ❌ | ✔ |
Output Cli | ✔ | ✔ |
Output JSON | ✔ | ✔ |
Output CSV | ❌ | ✔ |
Output XML | ❌ | ✔ |
ELF: Relro | ✔ | ✔ |
ELF: Canary | ✔ | ✔ |
ELF: NX | ✔ | ✔ |
ELF: PIE | ✔ | ✔ |
ELF: RPATH | ✔ | ✔ |
ELF: RUNPATH | ✔ | ✔ |
ELF: Symbols | ✔ | ✔ |
ELF: Fortify | ✔ | ✔ |
ELF: Fortified | ✔ | ✔ |
ELF: Fortifable | ✔ | ✔ |
ELF: Fortify Score | ✔ | ❌ |
2️⃣ What's the difference between checksec.py
and winchecksec
?
checksec.py | winchecksec | |
---|---|---|
Cross-Platform support | ✔ | ✔ |
Distributed workload | ✔ | ❌ |
Scan file | ✔ | ✔ |
Scan directory | ✔ | ❌ |
Scan directory recursively | ✔ | ❌ |
Output CLI | ✔ | ✔ |
Output JSON | ✔ | ✔ |
PE: ASLR - DYNAMIC_BASE | ✔ | ✔ |
PE: ASLR - HIGHENTROPYVA | ✔ | ✔ |
PE: INTEGRITYCHECK | ✔ | ✔ |
PE: Authenticode signed | ✔ | ✔ |
PE: DEP | ✔ | ✔ |
PE: Manifest Isolation | ✔ | ✔ |
PE: SEH | ✔ | ✔ |
PE: SafeSEH | ✔ | ✔ |
PE: Control Flow Guard | ✔ | ✔ |
PE: Return Flow Guard | ❌ | ✔ |
PE: Stack Cookie | ✔ | ✔ |
3️⃣ checksec
is slow on some huge binaries ! What's happening ?!
checksec.py
relies on the LIEF
library to parse PE/ELF/MachO
formats.
➡️The library doesn't offer at this point on-demand parsing, so it will parse and fetch unnecessary data.
➡️Retrieving symbols can be slow (ex: pandoc
, 118M
, +300 000
symbols, +2m 20sec
). See this issue
4️⃣ I sent a CTRL-C
to cancel checksec.py
processing, the app doesn't want to quit
checksec.py
is working with multiple process workers to parallelize its execution and binary processing.
When a CRTL-C
is received, checksec.py
will wait for them to stop.
Sometimes, this is not working, and I don't know why at this point. You can kill the remaining Python workers afterwards.