Skip to content
/PESecurityPublic
forked from NetSPI/PESecurity

PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.

blog.netspi.com/verifying-aslr-dep-and-safeseh-with-powershell/

License

MIT license
0 stars 149 forks BranchesTagsActivity
Star
Notifications You must be signed in to change notification settings

gl4nce/PESecurity

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

History

56 Commits
Get-PESecurity.psm1
Get-PESecurity.psm1
README.md
README.md
license.txt
license.txt

Repository files navigation

PESecurity

PowerShell script to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, Authenticode, Control Flow Guard, and HighEntropyVA.

Import the module Import-Module .\Get-PESecurity.psm1 
Check a single file C:\PS> Get-PESecurity -file C:\Windows\System32\kernel32.dll 
Check a directory for DLLs & EXEs C:\PS> Get-PESecurity -directory C:\Windows\System32\ 
Check a directory for DLLs & EXEs recrusively C:\PS> Get-PESecurity -directory C:\Windows\System32\ -recursive 
Export results as a CSV C:\PS> Get-PESecurity -directory C:\Windows\System32\ -recursive | Export-CSV file.csv 
Show results in a table C:\PS> Get-PESecurity -directory C:\Windows\System32\ -recursive | Format-Table 
Show results in a table and sort by a column C:\PS> Get-PESecurity -directory C:\Windows\System32\ -recursive | Format-Table | sort ASLR

Links

About

PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.

blog.netspi.com/verifying-aslr-dep-and-safeseh-with-powershell/

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • PowerShell100.0%