Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/NetSPI/PESecurity

PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.
https://github.com/NetSPI/PESecurity

Last synced: 3 months ago
JSON representation

PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.

Host: GitHub
URL: https://github.com/NetSPI/PESecurity
Owner: NetSPI
License: mit
Created: 2014-06-10T18:55:05.000Z (over 10 years ago)
Default Branch: master
Last Pushed: 2022-02-08T19:04:36.000Z (over 2 years ago)
Last Synced: 2024-04-14T18:14:29.630Z (7 months ago)
Language: PowerShell
Homepage: https://blog.netspi.com/verifying-aslr-dep-and-safeseh-with-powershell/
Size: 103 KB
Stars: 608
Watchers: 82
Forks: 149
Open Issues: 6
Metadata Files:
- Readme: README.md
- License: license.txt

Awesome Lists containing this project

awesome-powershell - PESecurity - Module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode. 🚧 (🛡️ Security)

README

PESecurity
=========

PowerShell script to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, Authenticode, Control Flow Guard, and HighEntropyVA.

```
Import the module

Import-Module .\Get-PESecurity.psm1
```

```
Check a single file

C:\PS> Get-PESecurity -file C:\Windows\System32\kernel32.dll
```
```
Check a directory for DLLs & EXEs

C:\PS> Get-PESecurity -directory C:\Windows\System32\
```
```
Check a directory for DLLs & EXEs recrusively

C:\PS> Get-PESecurity -directory C:\Windows\System32\ -recursive
```
```
Export results as a CSV

C:\PS> Get-PESecurity -directory C:\Windows\System32\ -recursive | Export-CSV file.csv
```
```
Show results in a table

C:\PS> Get-PESecurity -directory C:\Windows\System32\ -recursive | Format-Table
```
```
Show results in a table and sort by a column

C:\PS> Get-PESecurity -directory C:\Windows\System32\ -recursive | Format-Table | sort ASLR
```
Links

* http://msdn.microsoft.com/en-us/library/windows/desktop/ms680336(v=vs.85).aspx
* http://msdn.microsoft.com/en-us/library/windows/desktop/ms680339(v=vs.85).aspx
* http://msdn.microsoft.com/en-us/library/windows/desktop/ms680328(v=vs.85).aspx
* http://msdn.microsoft.com/en-us/library/9a89h429.aspx
* https://github.com/mattifestation/PowerSploit