NetSPI / Pesecurity
Licence: mit
PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.
Stars: ✭ 440
Programming Languages
powershell
5483 projects
PESecurity
PowerShell script to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, Authenticode, Control Flow Guard, and HighEntropyVA.
Import the module
Import-Module .\Get-PESecurity.psm1
Check a single file
C:\PS> Get-PESecurity -file C:\Windows\System32\kernel32.dll
Check a directory for DLLs & EXEs
C:\PS> Get-PESecurity -directory C:\Windows\System32\
Check a directory for DLLs & EXEs recrusively
C:\PS> Get-PESecurity -directory C:\Windows\System32\ -recursive
Export results as a CSV
C:\PS> Get-PESecurity -directory C:\Windows\System32\ -recursive | Export-CSV file.csv
Show results in a table
C:\PS> Get-PESecurity -directory C:\Windows\System32\ -recursive | Format-Table
Show results in a table and sort by a column
C:\PS> Get-PESecurity -directory C:\Windows\System32\ -recursive | Format-Table | sort ASLR
Links
- http://msdn.microsoft.com/en-us/library/windows/desktop/ms680336(v=vs.85).aspx
- http://msdn.microsoft.com/en-us/library/windows/desktop/ms680339(v=vs.85).aspx
- http://msdn.microsoft.com/en-us/library/windows/desktop/ms680328(v=vs.85).aspx
- http://msdn.microsoft.com/en-us/library/9a89h429.aspx
- https://github.com/mattifestation/PowerSploit
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].