Skip to content

PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.

License

Notifications You must be signed in to change notification settings

NetSPI/PESecurity

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

56 Commits
 
 
 
 
 
 

Repository files navigation

PESecurity

PowerShell script to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, Authenticode, Control Flow Guard, and HighEntropyVA.

Import the module

Import-Module .\Get-PESecurity.psm1
Check a single file

C:\PS> Get-PESecurity -file C:\Windows\System32\kernel32.dll
Check a directory for DLLs & EXEs

C:\PS> Get-PESecurity -directory C:\Windows\System32\
Check a directory for DLLs & EXEs recrusively

C:\PS> Get-PESecurity -directory C:\Windows\System32\ -recursive
Export results as a CSV

C:\PS>  Get-PESecurity -directory C:\Windows\System32\ -recursive | Export-CSV file.csv
Show results in a table

C:\PS> Get-PESecurity -directory C:\Windows\System32\ -recursive | Format-Table
Show results in a table and sort by a column

C:\PS> Get-PESecurity -directory C:\Windows\System32\ -recursive | Format-Table | sort ASLR

Links

About

PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published