<h1 align="center">
<br>checksec.py</br>
</h1>
<h3 align="center">
Checksec tool in Python, Rich output, based on LIEF
</h3>
<p align="center">
<strong>
<a href="https://asciinema.org/a/363216">
Demo
</a>
</strong>
</p>
<p align="center">
<a href="https://github.com/Wenzel/checksec.py/actions?query=workflow%3ACI">
<img src="https://github.com/Wenzel/checksec.py/workflows/CI/badge.svg" alt="CI badge"/>
</a>
<a href="https://pypi.org/project/checksec.py/">
<img src="https://img.shields.io/pypi/v/checksec.py?color=blue" alt="PyPI package badge"/>
</a>
<a href="https://pypi.org/project/checksec.py/">
<img src="https://img.shields.io/pypi/pyversions/checksec.py" alt="Python version badge"/>
</a>
<a href="https://gitter.im/checksec-py/community?utm_source=share-link&utm_medium=link&utm_campaign=share-link">
<img src="https://badges.gitter.im/checksec-py/community.svg" />
</a>
</p>
<p align="center">
<a href="https://pepy.tech/project/checksec.py">
<img src="https://pepy.tech/badge/checksec-py" />
</a>
<a href="https://pepy.tech/project/checksec.py">
<img src="https://img.shields.io/pypi/dm/checksec.py?color=blue&label=downloads&style=flat-square" />
</a>
</p>
<p align="center">
<a href="https://asciinema.org/a/363216">
<img src="https://user-images.githubusercontent.com/964610/94983280-9d007c80-0541-11eb-8462-3da5b7bce35b.png" />
</a>
</p>
## Table of Contents
- [Overview](#overview)
- [Requirements](#requirements)
- [Setup](#setup)
- [Windows](#windows)
- [Linux](#linux)
- [Usage](#usage)
- [FAQ](#faq)
- [References](#references)
- [License](#license)
- [Contributors](#contributors)
## Overview
A simple tool to verify the security properties of your binaries.
These properties can be enabled by your compiler to enforce the security of your executables, and mitigate exploits.
However it can be challenging to apply them on a whole system.
Check the level of security your Linux distro / Windows release is providing you !
Supported formats:
- [x] `ELF`
- [x] `PE`
- [ ] `Mach-O`
Based on:
- [Rich](https://github.com/willmcgugan/rich): Beautiful terminal output formatting
- [LIEF](https://github.com/lief-project/LIEF): Cross-platform library to parse, modify and abstract ELF, PE and Mach-O formats
## Requirements
## Setup
### Windows
You find the `checksec.exe` on the latest Github releases:
<a href="https://github.com/Wenzel/checksec.py/releases/latest">
<img src="https://img.shields.io/badge/Windows%20release-download-blue?style=for-the-badge"/>
</a>
### Linux
<a href="https://pypi.org/project/checksec.py/">
<img src="https://img.shields.io/pypi/v/checksec.py?color=blue&label=PyPI%20package&style=for-the-badge" />
</a>
~~~
python3 -m venv venv
source venv/bin/activate
(venv) pip install checksec.py
~~~
## Usage
~~~
(venv) checksec <file_or_directory>...
~~~
Check `--help` for more options (_JSON output_, _recursive walk_, _workers count_)
## FAQ
1️⃣ What's the difference between [`checksec.py`](https://github.com/Wenzel/checksec.py) and [`checksec.sh`](https://github.com/slimm609/checksec.sh) ?
| | checksec.py | checksec.sh |
|----------------------------|:-----------:|:-----------:|
| Cross-Platform support | ✔ | ❌ |
| Distributed workload | ✔ | ❌ |
| Scan file | ✔ | ✔ |
| Scan directory | ✔ | ✔ |
| Scan directory recursively | ✔ | ❌ |
| Specify libc path | ✔ | ❌ |
| Scan process | ❌ | ✔ |
| Scan process libs | ❌ | ✔ |
| Scan kernel config | ❌ | ✔ |
| Output Cli | ✔ | ✔ |
| Output JSON | ✔ | ✔ |
| Output CSV | ❌ | ✔ |
| Output XML | ❌ | ✔ |
| ELF: Relro | ✔ | ✔ |
| ELF: Canary | ✔ | ✔ |
| ELF: NX | ✔ | ✔ |
| ELF: PIE | ✔ | ✔ |
| ELF: RPATH | ✔ | ✔ |
| ELF: RUNPATH | ✔ | ✔ |
| ELF: Symbols | ✔ | ✔ |
| ELF: Fortify | ✔ | ✔ |
| ELF: Fortified | ✔ | ✔ |
| ELF: Fortifable | ✔ | ✔ |
| ELF: Fortify Score | ✔ | ❌ |
2️⃣ What's the difference between [`checksec.py`](https://github.com/Wenzel/checksec.py) and [`winchecksec`](https://github.com/trailofbits/winchecksec) ?
| | checksec.py | winchecksec |
|-----------------------------|:-----------:|:-----------:|
| Cross-Platform support | ✔ | ✔ |
| Distributed workload | ✔ | ❌ |
| Scan file | ✔ | ✔ |
| Scan directory | ✔ | ❌ |
| Scan directory recursively | ✔ | ❌ |
| Output CLI | ✔ | ✔ |
| Output JSON | ✔ | ✔ |
| PE: ASLR - DYNAMIC_BASE | ✔ | ✔ |
| PE: ASLR - HIGHENTROPYVA | ✔ | ✔ |
| PE: INTEGRITYCHECK | ✔ | ✔ |
| PE: Authenticode signed | ✔ | ✔ |
| PE: DEP | ✔ | ✔ |
| PE: Manifest Isolation | ✔ | ✔ |
| PE: SEH | ✔ | ✔ |
| PE: SafeSEH | ✔ | ✔ |
| PE: Control Flow Guard | ✔ | ✔ |
| PE: Return Flow Guard | ❌ | ✔ |
| PE: Stack Cookie | ✔ | ✔ |
3️⃣ `checksec` is slow on some huge binaries ! What's happening ?!
`checksec.py` relies on the [`LIEF`](https://github.com/lief-project/LIEF) library to parse `PE/ELF/MachO` formats.
➡️The library doesn't offer at this point _on-demand_ parsing, so it will parse and fetch unnecessary data.
➡️Retrieving symbols can be slow (ex: `pandoc`, `118M`, `+300 000` symbols, `+2m 20sec`). See this [issue](https://github.com/Wenzel/checksec.py/issues/52)
4️⃣ I sent a `CTRL-C` to cancel `checksec.py` processing, the app doesn't want to quit
`checksec.py` is working with multiple process workers to parallelize its execution and binary processing.
When a `CRTL-C` is received, `checksec.py` will [wait](https://docs.python.org/3/library/concurrent.futures.html#concurrent.futures.Executor.shutdown) for them to stop.
Sometimes, this is not working, and I don't know why at this point.
You can kill the remaining Python workers afterwards.
## References
- [@apogiatzis](https://github.com/apogiatzis) [Gist checksec.py](https://gist.github.com/apogiatzis/fb617cd118a9882749b5cb167dae0c5d)
- [checksec.sh](https://github.com/slimm609/checksec.sh)
- [winchecksec](https://github.com/trailofbits/winchecksec)
## License
[](https://www.gnu.org/licenses/gpl-3.0)
## Contributors
[](https://sourcerer.io/fame/Wenzel/Wenzel/checksec.py/links/0)[](https://sourcerer.io/fame/Wenzel/Wenzel/checksec.py/links/1)[](https://sourcerer.io/fame/Wenzel/Wenzel/checksec.py/links/2)[](https://sourcerer.io/fame/Wenzel/Wenzel/checksec.py/links/3)[](https://sourcerer.io/fame/Wenzel/Wenzel/checksec.py/links/4)[](https://sourcerer.io/fame/Wenzel/Wenzel/checksec.py/links/5)[](https://sourcerer.io/fame/Wenzel/Wenzel/checksec.py/links/6)[](https://sourcerer.io/fame/Wenzel/Wenzel/checksec.py/links/7)
Raw data
{
"_id": null,
"home_page": "https://github.com/Wenzel/checksec.py",
"name": "checksec-py",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.8,<3.12",
"maintainer_email": "",
"keywords": "checksec,security,ELF,PE,binary",
"author": "Mathieu Tarral",
"author_email": "mathieu.tarral@protonmail.com",
"download_url": "",
"platform": null,
"description": "<h1 align=\"center\">\n <br>checksec.py</br>\n</h1>\n\n<h3 align=\"center\">\nChecksec tool in Python, Rich output, based on LIEF\n</h3>\n\n<p align=\"center\">\n <strong>\n <a href=\"https://asciinema.org/a/363216\">\n Demo\n </a>\n </strong>\n</p>\n\n<p align=\"center\">\n <a href=\"https://github.com/Wenzel/checksec.py/actions?query=workflow%3ACI\">\n <img src=\"https://github.com/Wenzel/checksec.py/workflows/CI/badge.svg\" alt=\"CI badge\"/>\n </a>\n <a href=\"https://pypi.org/project/checksec.py/\">\n <img src=\"https://img.shields.io/pypi/v/checksec.py?color=blue\" alt=\"PyPI package badge\"/>\n </a>\n <a href=\"https://pypi.org/project/checksec.py/\">\n <img src=\"https://img.shields.io/pypi/pyversions/checksec.py\" alt=\"Python version badge\"/>\n </a>\n <a href=\"https://gitter.im/checksec-py/community?utm_source=share-link&utm_medium=link&utm_campaign=share-link\">\n <img src=\"https://badges.gitter.im/checksec-py/community.svg\" />\n </a>\n</p>\n<p align=\"center\">\n <a href=\"https://pepy.tech/project/checksec.py\">\n <img src=\"https://pepy.tech/badge/checksec-py\" /> \n </a>\n <a href=\"https://pepy.tech/project/checksec.py\">\n <img src=\"https://img.shields.io/pypi/dm/checksec.py?color=blue&label=downloads&style=flat-square\" />\n </a>\n</p>\n\n<p align=\"center\">\n <a href=\"https://asciinema.org/a/363216\">\n <img src=\"https://user-images.githubusercontent.com/964610/94983280-9d007c80-0541-11eb-8462-3da5b7bce35b.png\" />\n </a>\n</p>\n\n## Table of Contents\n\n- [Overview](#overview)\n- [Requirements](#requirements)\n- [Setup](#setup)\n - [Windows](#windows)\n - [Linux](#linux)\n- [Usage](#usage)\n- [FAQ](#faq)\n- [References](#references)\n- [License](#license)\n- [Contributors](#contributors)\n\n## Overview\n\nA simple tool to verify the security properties of your binaries.\n\nThese properties can be enabled by your compiler to enforce the security of your executables, and mitigate exploits.\nHowever it can be challenging to apply them on a whole system.\n\nCheck the level of security your Linux distro / Windows release is providing you !\n\nSupported formats:\n\n- [x] `ELF`\n- [x] `PE`\n- [ ] `Mach-O`\n\nBased on:\n- [Rich](https://github.com/willmcgugan/rich): Beautiful terminal output formatting\n- [LIEF](https://github.com/lief-project/LIEF): Cross-platform library to parse, modify and abstract ELF, PE and Mach-O formats\n\n## Requirements\n\n\n\n## Setup\n\n### Windows\n\nYou find the `checksec.exe` on the latest Github releases:\n\n<a href=\"https://github.com/Wenzel/checksec.py/releases/latest\">\n <img src=\"https://img.shields.io/badge/Windows%20release-download-blue?style=for-the-badge\"/>\n</a>\n\n### Linux\n\n<a href=\"https://pypi.org/project/checksec.py/\">\n <img src=\"https://img.shields.io/pypi/v/checksec.py?color=blue&label=PyPI%20package&style=for-the-badge\" />\n</a>\n\n~~~\npython3 -m venv venv\nsource venv/bin/activate\n(venv) pip install checksec.py\n~~~\n\n## Usage\n\n~~~\n(venv) checksec <file_or_directory>...\n~~~\n\nCheck `--help` for more options (_JSON output_, _recursive walk_, _workers count_)\n\n## FAQ\n\n1\ufe0f\u20e3 What's the difference between [`checksec.py`](https://github.com/Wenzel/checksec.py) and [`checksec.sh`](https://github.com/slimm609/checksec.sh) ?\n\n| | checksec.py | checksec.sh |\n|----------------------------|:-----------:|:-----------:|\n| Cross-Platform support | \u2714 | \u274c |\n| Distributed workload | \u2714 | \u274c |\n| Scan file | \u2714 | \u2714 |\n| Scan directory | \u2714 | \u2714 |\n| Scan directory recursively | \u2714 | \u274c |\n| Specify libc path | \u2714 | \u274c |\n| Scan process | \u274c | \u2714 |\n| Scan process libs | \u274c | \u2714 |\n| Scan kernel config | \u274c | \u2714 |\n| Output Cli | \u2714 | \u2714 |\n| Output JSON | \u2714 | \u2714 |\n| Output CSV | \u274c | \u2714 |\n| Output XML | \u274c | \u2714 |\n| ELF: Relro | \u2714 | \u2714 |\n| ELF: Canary | \u2714 | \u2714 |\n| ELF: NX | \u2714 | \u2714 |\n| ELF: PIE | \u2714 | \u2714 |\n| ELF: RPATH | \u2714 | \u2714 |\n| ELF: RUNPATH | \u2714 | \u2714 |\n| ELF: Symbols | \u2714 | \u2714 |\n| ELF: Fortify | \u2714 | \u2714 |\n| ELF: Fortified | \u2714 | \u2714 |\n| ELF: Fortifable | \u2714 | \u2714 |\n| ELF: Fortify Score | \u2714 | \u274c |\n\n\n2\ufe0f\u20e3 What's the difference between [`checksec.py`](https://github.com/Wenzel/checksec.py) and [`winchecksec`](https://github.com/trailofbits/winchecksec) ?\n\n| | checksec.py | winchecksec |\n|-----------------------------|:-----------:|:-----------:|\n| Cross-Platform support | \u2714 | \u2714 |\n| Distributed workload | \u2714 | \u274c |\n| Scan file | \u2714 | \u2714 |\n| Scan directory | \u2714 | \u274c |\n| Scan directory recursively | \u2714 | \u274c |\n| Output CLI | \u2714 | \u2714 |\n| Output JSON | \u2714 | \u2714 |\n| PE: ASLR - DYNAMIC_BASE | \u2714 | \u2714 |\n| PE: ASLR - HIGHENTROPYVA | \u2714 | \u2714 |\n| PE: INTEGRITYCHECK | \u2714 | \u2714 |\n| PE: Authenticode signed | \u2714 | \u2714 |\n| PE: DEP | \u2714 | \u2714 |\n| PE: Manifest Isolation | \u2714 | \u2714 |\n| PE: SEH | \u2714 | \u2714 |\n| PE: SafeSEH | \u2714 | \u2714 |\n| PE: Control Flow Guard | \u2714 | \u2714 |\n| PE: Return Flow Guard | \u274c | \u2714 |\n| PE: Stack Cookie | \u2714 | \u2714 |\n\n3\ufe0f\u20e3 `checksec` is slow on some huge binaries ! What's happening ?!\n\n`checksec.py` relies on the [`LIEF`](https://github.com/lief-project/LIEF) library to parse `PE/ELF/MachO` formats.\n\n\u27a1\ufe0fThe library doesn't offer at this point _on-demand_ parsing, so it will parse and fetch unnecessary data.\n\n\u27a1\ufe0fRetrieving symbols can be slow (ex: `pandoc`, `118M`, `+300 000` symbols, `+2m 20sec`). See this [issue](https://github.com/Wenzel/checksec.py/issues/52)\n\n4\ufe0f\u20e3 I sent a `CTRL-C` to cancel `checksec.py` processing, the app doesn't want to quit\n\n`checksec.py` is working with multiple process workers to parallelize its execution and binary processing.\nWhen a `CRTL-C` is received, `checksec.py` will [wait](https://docs.python.org/3/library/concurrent.futures.html#concurrent.futures.Executor.shutdown) for them to stop.\n\nSometimes, this is not working, and I don't know why at this point.\nYou can kill the remaining Python workers afterwards.\n\n## References\n\n- [@apogiatzis](https://github.com/apogiatzis) [Gist checksec.py](https://gist.github.com/apogiatzis/fb617cd118a9882749b5cb167dae0c5d)\n- [checksec.sh](https://github.com/slimm609/checksec.sh)\n- [winchecksec](https://github.com/trailofbits/winchecksec)\n\n## License\n\n[](https://www.gnu.org/licenses/gpl-3.0)\n\n## Contributors\n\n[](https://sourcerer.io/fame/Wenzel/Wenzel/checksec.py/links/0)[](https://sourcerer.io/fame/Wenzel/Wenzel/checksec.py/links/1)[](https://sourcerer.io/fame/Wenzel/Wenzel/checksec.py/links/2)[](https://sourcerer.io/fame/Wenzel/Wenzel/checksec.py/links/3)[](https://sourcerer.io/fame/Wenzel/Wenzel/checksec.py/links/4)[](https://sourcerer.io/fame/Wenzel/Wenzel/checksec.py/links/5)[](https://sourcerer.io/fame/Wenzel/Wenzel/checksec.py/links/6)[](https://sourcerer.io/fame/Wenzel/Wenzel/checksec.py/links/7)\n",
"bugtrack_url": null,
"license": "GPL-3.0-only",
"summary": "Checksec tool implemented in Python",
"version": "0.7.1",
"project_urls": {
"Homepage": "https://github.com/Wenzel/checksec.py",
"Repository": "https://github.com/Wenzel/checksec.py"
},
"split_keywords": [
"checksec",
"security",
"elf",
"pe",
"binary"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "8550046a1a4cab8da5b72ea694466e5204653d1b72f9bc1814e634e88259ee07",
"md5": "b08f5ad1d5875c455aac0162889bacb2",
"sha256": "9ce8244df3732d3373f942d47754e06635fbdafa903f5a65956991680fd76452"
},
"downloads": -1,
"filename": "checksec_py-0.7.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "b08f5ad1d5875c455aac0162889bacb2",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.8,<3.12",
"size": 27524,
"upload_time": "2023-05-12T07:14:46",
"upload_time_iso_8601": "2023-05-12T07:14:46.432355Z",
"url": "https://files.pythonhosted.org/packages/85/50/046a1a4cab8da5b72ea694466e5204653d1b72f9bc1814e634e88259ee07/checksec_py-0.7.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-05-12 07:14:46",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "Wenzel",
"github_project": "checksec.py",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "checksec-py"
}
JSON
