{"id":24444425,"url":"https://github.com/hockeyinjune/check-security","last_synced_at":"2026-05-18T22:16:20.184Z","repository":{"id":82089275,"uuid":"186203736","full_name":"HockeyInJune/Check-Security","owner":"HockeyInJune","description":"checksec for Windows","archived":false,"fork":false,"pushed_at":"2020-02-09T01:36:28.000Z","size":157,"stargazers_count":3,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-01-20T22:55:33.086Z","etag":null,"topics":["security","verification","windows"],"latest_commit_sha":null,"homepage":"","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/HockeyInJune.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-05-12T02:51:35.000Z","updated_at":"2024-03-05T19:24:35.000Z","dependencies_parsed_at":null,"dependency_job_id":"a31503d2-b005-43fb-8b5a-ae848dd63dde","html_url":"https://github.com/HockeyInJune/Check-Security","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HockeyInJune%2FCheck-Security","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HockeyInJune%2FCheck-Security/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HockeyInJune%2FCheck-Security/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/HockeyInJune%2FCheck-Security/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/HockeyInJune","download_url":"https://codeload.github.com/HockeyInJune/Check-Security/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243521281,"owners_count":20304186,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["security","verification","windows"],"created_at":"2025-01-20T22:52:01.142Z","updated_at":"2026-05-18T22:16:15.141Z","avatar_url":"https://github.com/HockeyInJune.png","language":"PowerShell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Check-Security\n\nWritten in the style of [checksec.sh](https://www.trapkit.de/tools/checksec.html) for Linux.\nCheck-Security is a simpler view of the current state of the exploit mitigation settings on your machine.\n\nMicrosoft [deprecated EMET](https://support.microsoft.com/en-us/help/2458544/the-enhanced-mitigation-experience-toolkit) and added\n[that exploit mitigation functionality](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard),\nnow called [Windows Defender Exploit Guard](https://www.microsoft.com/security/blog/2017/10/23/windows-defender-exploit-guard-reduce-the-attack-surface-against-next-generation-malware/),\ninto Windows 10.\n\n\u003cblockquote class=\"twitter-tweet\" data-lang=\"en\"\u003e\u003cp lang=\"en\" dir=\"ltr\"\u003eIn response to this, I plan on writing a tool that helps defensive teams enumerate the exploit mitigations available and enabled on their Windows devices so they can better understand their exploitation landscape and how useless the technologies are that bad vendors are selling.\u003c/p\u003e\u0026mdash; Julian Cohen (@HockeyInJune) \u003ca href=\"https://twitter.com/HockeyInJune/status/1071506842600263680?ref_src=twsrc%5Etfw\"\u003eDecember 8, 2018\u003c/a\u003e\u003c/blockquote\u003e\n\n## Use\n\nRun `Check-Security` with the same parameters you would use with `Get-ProcessMitigation`.\n\nRun without parameters to system defaults.\n\n```\n.\\Check-Security.ps1\n```\n\nRun with parameters like this to get settings for specific processes.\n\n```\n.\\Check-Security.ps1 -Name iexplore.exe\n```\n\n## Output\n\nFor each exploit mitigation `Check-Security` will output \"On\", \"Off\", \"On (default)\", \"Off (default)\", or \"Unexpected value!\".\n\n```\nCategory:\n    Specific Mitigation (More details or Abbreviation) [CmdletName]:  Result\n```\n\nYou can use the `CmdletName` to change the exploit mitigation settings with `Set-ProcessMitigation`.\n\n```\nSet-ProcessMitigation -System -Enable CmdletName\n```\n\n## Screenshot\n\n![screenshot](screenshot.png \"Screenshot\")\n\n## References\n\n* [Customize exploit protection](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/customize-exploit-protection)\n* [Protect devices from exploits](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard)\n* [Enable exploit protection](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/enable-exploit-protection)","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhockeyinjune%2Fcheck-security","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhockeyinjune%2Fcheck-security","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhockeyinjune%2Fcheck-security/lists"}