ex0dus-0x / binsec
Binary (In)security tool
License: MIT License
Allow users to construct YAML/TOML-based configurations that define the binaries to be analyzed, and the specific execution mode they would like the detector to analyze them under.
Add other checks that can't be grouped and organized together.
This can include:
If specified with a flag like --opinion, return compiler flags that can be harnessed in order to mitigate any security features that are not set for the specific instance. I.e., with partial RELRO for ELF binaries, we can recommend the following to upgrade to a full RELRO to prevent jumps to dynamically linked symbols:
-Wl,-z,relro,-z,now
If flag is set, this output should be incorporated in all output formats that are emitted.
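One way the RELRO check and recommendation described above could work, as an added example that is not binsec's own code: it reads ELF64 little-endian program headers and the dynamic section with the standard library only, instead of goblin. The names `relro`, `advice` and `sample` are hypothetical, and the input is a constructed header-only image rather than a real binary.

```rust
const PT_DYNAMIC: u32 = 2;
const PT_GNU_RELRO: u32 = 0x6474_e552;
#[derive(Debug, PartialEq)]
enum Relro { Missing, Partial, Full }

// Bounds-checked little-endian read of `n` (at most 8) bytes at `off`.
fn rd(b: &[u8], off: usize, n: usize) -> Option<u64> {
    let s = b.get(off..off.checked_add(n)?)?;
    Some(s.iter().rev().fold(0u64, |acc, &x| (acc << 8) | x as u64))
}

// Returns None for input that is not a well-formed ELF64 little-endian image.
fn relro(elf: &[u8]) -> Option<Relro> {
    if !elf.starts_with(b"\x7fELF\x02\x01") { return None; }
    let (phoff, phentsize) = (rd(elf, 0x20, 8)? as usize, rd(elf, 0x36, 2)? as usize);
    let (mut has_relro, mut bind_now) = (false, false);
    for i in 0..rd(elf, 0x38, 2)? as usize {
        let ph = phoff.checked_add(i * phentsize)?;
        match rd(elf, ph, 4)? as u32 {
            PT_GNU_RELRO => has_relro = true,
            PT_DYNAMIC => {
                let (off, size) = (rd(elf, ph + 8, 8)? as usize, rd(elf, ph + 32, 8)? as usize);
                for e in (off..off.checked_add(size)?).step_by(16) {
                    let (tag, val) = (rd(elf, e, 8)?, rd(elf, e + 8, 8)?);
                    if tag == 0 { break; } // DT_NULL ends the dynamic array
                    // DT_BIND_NOW, or DF_BIND_NOW in DT_FLAGS, or DF_1_NOW in DT_FLAGS_1
                    bind_now |= tag == 24 || (tag == 30 && val & 0x8 != 0) || (tag == 0x6fff_fffb && val & 0x1 != 0);
                }
            }
            _ => {}
        }
    }
    Some(match (has_relro, bind_now) { (true, true) => Relro::Full, (true, false) => Relro::Partial, _ => Relro::Missing })
}

// Linker flags to suggest when RELRO is not full (flag string taken from the page).
fn advice(r: &Relro) -> Option<&'static str> { if *r == Relro::Full { None } else { Some("-Wl,-z,relro,-z,now") } }
// Constructed sample: ELF64 header, PT_GNU_RELRO and PT_DYNAMIC headers, then the given dynamic entries.
fn sample(dyn_entries: &[(u64, u64)]) -> Vec<u8> {
    let mut e = vec![0u8; 64 + 2 * 56];
    e[..6].copy_from_slice(b"\x7fELF\x02\x01");
    e[0x20] = 64; e[0x36] = 56; e[0x38] = 2; // e_phoff, e_phentsize, e_phnum
    e[64..68].copy_from_slice(&PT_GNU_RELRO.to_le_bytes());
    e[120] = PT_DYNAMIC as u8; e[128] = 176; e[152] = (dyn_entries.len() * 16) as u8; // p_type, p_offset, p_filesz
    for (t, v) in dyn_entries { e.extend_from_slice(&t.to_le_bytes()); e.extend_from_slice(&v.to_le_bytes()); }
    e
}
fn main() {
    let r = relro(&sample(&[(1, 0), (0, 0)])).expect("constructed sample parses");
    println!("{:?} -> {:?}", r, advice(&r));
}
```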
If we take in several executables at once and specify the output to be some type of serializable format, have some type of configuration to concatenate all of them together and output as one unit rather than separate ones at once.
Some users may simply want to use binsec at its core to detect security features for binaries, without the burden of the other unused functionalities and their dependencies. If set, i.e. as kerncheck and rulecheck features, we can make them optional during installation.
This started out as a learning lesson for parsing binaries with goblin and recognizing exploit protection primitives. However, there can be a much stronger push for this as an integration into software supply chain security mitigations.
binsec should be fully CI/CD ready for GitHub Actions, triggering detections on binary artifact releases and recommending additional compilation steps (as per #62). Not only does this create actionable security items for devs, but also a point of transparency for security researchers looking for vulns.
Good series of posts with information about different Windows mitigations:
For binary checks:
Here are potential ideas for what to implement down the road: