Fast multi-platform (ELF/PE/MachO) binary checksec written in Rust. cargo crate releases periodically Uses goblin to for multi-platform binary parsing support and ignore for fast recursive path iteration that respects various filters such as globs, file types and .gitignore files and serde for Serializaiton/Deserialization. Prior Art Plenty of prior art exists for this type of tool. Some are standalone command line utilities and some are plugins for frameworks or debuggers, however all are platform specific. Project Author Language Active checksec.sh (original) Tobias Klein bash Jan 28, 2009 - Nov 17, 2011 checksec Dhiru Kholia python Apr 18, 2013 - Mar 19, 2014 checksec.sh Brian Davis bash Feb 14, 2014 - current pwntools - checksec Gallopsled python Nov 8, 2014 - current CheckSec.c hugsy c Dec 7, 2015 - Apr 24, 2018 checksec klks c++ Mar 25, 2017 iOS-checksec.py ChiChou python Apr 6, 2017 checksec-win Lucas Leong c++ Aug 21, 2017 winchecksec Trail Of Bits c++ Aug 17, 2018 - current pe_mitigation_check.py David Cannings python Sep 20, 2018 note: not an exhaustive list Build/Install git (HEAD) git clone https://github.com/etke/checksec.rs && cd checksec.rs cargo build --release cargo install --path . cargo cargo install checksec Cross-compilation For instances where you want to compile for a different target OS or architecture, see rust-cross. Usage USAGE: checksec [FLAGS] [OPTIONS] FLAGS: -h, --help Prints help information -j, --json Output in json format --pretty Human readable json output -P, --process-all Check all running processes -V, --version Prints version information OPTIONS: -d, --directory <DIRECTORY> Target directory -f, --file <FILE> Target file -p, --process <NAME> Name of running process to check Example standalone checksec individual binary $ checksec -f test/binaries/true-x86_64 ELF64: | Canary: true CFI: false SafeStack: false Fortify: true Fortified: 2 NX: true PIE: None Relro: Partial RPATH: None RUNPATH: None | File: test/binaries/true-x86_64 individual binary (json output) $ checksec -f test/binaries/true-x86_64 --json {"binaries":[{"binarytype":"Elf64","file":"test/binaries/true-x86_64","properties":{"Elf":{"canary":true,"clang_cfi":false,"clang_safestack":false,"fortified":2,"fortify":true,"nx":true,"pie":"None","relro":"Partial","rpath":{"paths":["None"]},"runpath":{"paths":["None"]}}}}]} running processes $ checksec -P -zsh(34) ↪ ELF64: | Canary: true CFI: false SafeStack: false Fortify: true Fortified: 8 NX: true PIE: Full Relro: Full RPATH: None RUNPATH: None | File: /bin/zsh checksec(216) ↪ ELF64: | Canary: false CFI: false SafeStack: false Fortify: false Fortified: 0 NX: true PIE: Full Relro: Full RPATH: None RUNPATH: None | File: /home/etke/.cargo/bin/checksec init(1) ↪ ELF64: | Canary: false CFI: false SafeStack: false Fortify: false Fortified: 0 NX: true PIE: None Relro: Partial RPATH: None RUNPATH: None | File: /init running processes (json output) $ checksec -P --json {"processes":[{"binary":[{"binarytype":"Elf64","file":"/bin/zsh","properties":{"Elf":{"canary":true,"clang_cfi":false,"clang_safestack":false,"fortified":8,"fortify":true,"nx":true,"pie":"PIE","relro":"Full","rpath":{"paths":["None"]},"runpath":{"paths":["None"]}}}}],"pid":34},{"binary":[{"binarytype":"Elf64","file":"/init","properties":{"Elf":{"canary":false,"clang_cfi":false,"clang_safestack":false,"fortified":0,"fortify":false,"nx":true,"pie":"None","relro":"Partial","rpath":{"paths":["None"]},"runpath":{"paths":["None"]}}}}],"pid":1},{"binary":[{"binarytype":"Elf64","file":"/home/etke/.cargo/bin/checksec","properties":{"Elf":{"canary":false,"clang_cfi":false,"clang_safestack":false,"fortified":0,"fortify":false,"nx":true,"pie":"PIE","relro":"Full","rpath":{"paths":["None"]},"runpath":{"paths":["None"]}}}}],"pid":232}]} libchecksec Just add the following to any current project with goblin dependencies to enable checksec trait on goblin::Object::{Elf, Mach, PE} objects. Add checksec crate dependency to your project Cargo.toml. [dependencies] checksec = { version = "0.0.9", features = ["elf", "macho", "pe", "color"] } Now in your project source, specify dependency on the checksec crate and import the required module to access the associated Properties trait(s). extern crate checksec; use checksec::elf; use checksec::macho; use checksec::pe; You will now have access to all the implemented check functions directly from the goblin::Object. See examples/ for library usage examples. Todo libchecksec todos Platform specific checks ELF Fortifiable Rpath RW PE Authenticode verification MachO Rpath RW Platform independent checks MachO @rpath contents into shared::VecRpath similar to DT_RPATH/DT_RUNPATH on ELFs Code signature validation checksec todos ? project todos Tests (cargo test) Contributing Improvements welcome! For ideas, please check the Github Issues page. Want something added? file an issue and tag it with improvement Found a problem? file an issue including the following information Description of the problem Expected behaviour Attach bug tag For pull requests to be reviewed; must be formatted with supplied project rustfmt.toml must have no Clippy warnings/errors with supplied project clippy.toml (when one exists)