Would be cool if security people made a wishlist, then developers wanting to get into security tooling could make them :)
Not exactly what you're asking for, but we track "good first issues" across all of our projects and reward contributors with bounty payments. https://github.com/trailofbits/winchecksec/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22 …
Similar tools do exist e.g. binskim (the successor to BinScope) https://blogs.msdn.microsoft.com/secdevblog/2016/08/17/introducing-binskim/ …. There's also the Get-ProcessMitigation built-in PowerShell cmdlet for checking dynamic/runtime mitigation settings.
Yep! Mentioned them in the post. We built ours as an embeddable library.
So you did :) Guess I should have read the post first!
We did something like this for Linux systems in Python a few years back. Also no dependencies. OSS: https://github.com/HewlettPackard/reconbf …
Ya forgot SlopFinder, the old fashioned way I checked these things: http://icebuddha.com/slopfinder.htm
I ran into SlopFinder/IceBuddha while researching this post! Awesome tool, but similarly limited (only does ASLR and DEP checks, IIRC). Also not updated since 2014.

I slightly updated SlopFinder as Serene (https://summitroute.com/serene/ ), mostly adding osx checks, and also released yara sigs for these checks (https://summitroute.com/blog/2017/07/24/yara_sigs_for_security_best_practices/ …), but winchecksec is doing some additional checks, and I don't maintain any Windows stuff anymore.
I did mention the GS check is fragile. Also embedded statically linked compiler versions etc. The intent was to nudge the developer. I linked to code to show how I did it in a comment on your blog but it got deleted.