### Install Checksec via Go
Source: https://context7.com/slimm609/checksec/llms.txt
Installs the latest version of Checksec using the Go toolchain.
```bash
go install github.com/slimm609/checksec/v3@latest
```
--------------------------------
### Check Executable Security Properties (CLI)
Source: https://github.com/slimm609/checksec/blob/main/README.md
Use this command to display security properties of an executable in a human-readable CLI format. No special setup is required.
```bash
$checksec file /bin/ls
RELRO Stack Canary NX PIE RPATH RUNPATH Symbols FORTIFY Fortified Fortifiable Name
Partial RELRO Canary Found NX enabled PIE Enabled No RPATH No RUNPATH No Symbols No 0 14 /bin/ls
```
--------------------------------
### Build Checksec from Source
Source: https://context7.com/slimm609/checksec/llms.txt
Clones the Checksec repository and builds the executable from source.
```bash
git clone https://github.com/slimm609/checksec.git
cd checksec
make build
```
--------------------------------
### Check FORTIFY_SOURCE Support for a Process
Source: https://github.com/slimm609/checksec/blob/main/README.md
Tests a running process (PID 1) for FORTIFY_SOURCE support. This command provides a detailed breakdown of FORTIFY_SOURCE status in both the binary and the linked libc.
```bash
$ checksec fortifyProc 1
_____ _ _ ______ _____ _ __ _____ ______ _____
/ ____| | | | ____/ ____| |/ // ____| ____/ ____|
| | | |__| | |__ | | | ' /| (___ | |__ | |
| | | __ | __|| | | < \___ \| __|| |
| |____| | | | |___| |____| . \ ____) | |___| |____
\_____|_| |_|______\_____|_|\_\_____/|______\_____|
* FORTIFY_SOURCE support available (libc): Yes
* Binary compiled with FORTIFY_SOURCE support: No
------ EXECUTABLE-FILE ------- | -------- LIBC --------
Fortifiable library functions | Checked function names
Coming Soon
SUMMARY
* Number of checked functions in libc : 18
* Total number of library functions in the executable: 2011
* Number of Fortifiable functions in the executable : 12
* Number of checked functions in the executable : 0
* Number of unchecked functions in the executable : 12
```
--------------------------------
### Check Fortify Source Status (CLI)
Source: https://github.com/slimm609/checksec/blob/main/docs/index.md
Analyze a running process for FORTIFY_SOURCE support and identify which functions are checked. This provides a detailed breakdown of security checks.
```bash
$ checksec --fortify-proc=1
* Process name (PID) : init (1)
* FORTIFY_SOURCE support available (libc) : Yes
* Binary compiled with FORTIFY_SOURCE support: Yes
------ EXECUTABLE-FILE ------- . -------- LIBC --------
FORTIFY-able library functions | Checked function names
-------------------------------------------------------
fdelt_chk | __fdelt_chk
read | __read_chk
syslog_chk | __syslog_chk
fprintf_chk | __fprintf_chk
vsnprintf_chk | __vsnprintf_chk
fgets | __fgets_chk
strncpy | __strncpy_chk
snprintf_chk | __snprintf_chk
memset | __memset_chk
strncat_chk | __strncat_chk
memcpy | __memcpy_chk
fread | __fread_chk
sprintf_chk | __sprintf_chk
SUMMARY:
* Number of checked functions in libc : 78
* Total number of library functions in the executable: 116
* Number of FORTIFY-able functions in the executable : 13
* Number of checked functions in the executable : 7
* Number of unchecked functions in the executable : 6
```
--------------------------------
### Check Running Process with Custom Libc
Source: https://context7.com/slimm609/checksec/llms.txt
Analyzes a running process's executable, specifying a custom libc path for more accurate Fortify detection.
```bash
checksec proc 1234 --libc /path/to/libc.so.6
```
--------------------------------
### Perform FORTIFY_SOURCE Analysis on Binaries
Source: https://context7.com/slimm609/checksec/llms.txt
Analyzes binary files to determine FORTIFY_SOURCE support and function coverage. Use the --libc flag when analyzing binaries for different architectures.
```bash
checksec fortifyFile /usr/bin/ls
```
```bash
checksec fortifyFile /path/to/binary --libc /path/to/target/libc.so.6
```
```bash
checksec fortifyFile /usr/bin/ls --output json
```
--------------------------------
### Check All Files in Directory (JSON Output)
Source: https://context7.com/slimm609/checksec/llms.txt
Scans all ELF binaries in a directory and outputs the security hardening features in JSON format, useful for CI/CD integration. Includes --no-banner to suppress the tool's header.
```bash
checksec dir /usr/bin/ --output json --no-banner
```
--------------------------------
### Check All Files in Directory
Source: https://context7.com/slimm609/checksec/llms.txt
Scans all ELF binaries within a specified directory for security hardening features. Results are displayed in a table by default.
```bash
checksec dir /usr/bin/
```
--------------------------------
### Perform FORTIFY_SOURCE Analysis on Running Processes
Source: https://context7.com/slimm609/checksec/llms.txt
Analyzes the executable associated with a specific process ID. Requires appropriate permissions to access the process memory or executable path.
```bash
checksec fortifyProc 1
```
```bash
checksec fortifyProc 1234 --output json
```
```bash
checksec fortifyProc 1234 --libc /path/to/libc.so.6
```
--------------------------------
### Check All Running Processes (JSON Output)
Source: https://context7.com/slimm609/checksec/llms.txt
Scans all running processes and outputs their security hardening features in JSON format, suitable for system monitoring. Includes --no-banner.
```bash
checksec procAll --output json --no-banner
```
--------------------------------
### Check Kernel Security Features (XML)
Source: https://github.com/slimm609/checksec/blob/main/docs/index.md
Output the status of kernel hardening options in XML format.
```xml
```
--------------------------------
### Check Kernel Security Features (CLI)
Source: https://github.com/slimm609/checksec/blob/main/docs/index.md
Display the status of various kernel hardening options in a human-readable CLI format. This helps assess the kernel's resistance to attacks.
```bash
$ checksec --kernel
* Kernel protection information:
Description - List the status of kernel protection mechanisms. Rather than
insp ect kernel mechanisms that may aid in the prevention of exploitation of
userspace processes, this option lists the status of kernel configuration
options that harden the kernel itself against attack.
Kernel config: /proc/config.gz
GCC stack protector support: Enabled
Strict user copy checks: Disabled
Enforce read-only kernel data: Disabled
Restrict /dev/mem access: Enabled
Restrict /dev/kmem access: Enabled
* Kernel Heap Hardening: No KERNHEAP
The KERNHEAP hardening patchset is available here:
https://www.subreption.com/kernheap/
```
--------------------------------
### Check Kernel Security Features (JSON)
Source: https://github.com/slimm609/checksec/blob/main/docs/index.md
Output the status of kernel hardening options in JSON format.
```json
{ "kernel": { "KernelConfig":"/boot/config-3.11-2-amd64","gcc_stack_protector":"yes","strict_user_copy_check":"no","ro_kernel_data":"yes","restrict_dev_mem_access":"yes","restrict_dev_kmem_access":"no" },{ "kernheap_config":"no" } }
```
--------------------------------
### Check Executable Properties (CLI)
Source: https://github.com/slimm609/checksec/blob/main/docs/index.md
Display security properties of an executable in a human-readable CLI format. This is the default output.
```bash
$ checksec --file=/bin/ls
RELRO STACK CANARY NX PIE RPATH RUNPATH FILE
Partial RELRO Canary found NX enabled No PIE No RPATH No RUNPATH /bin/ls
```
--------------------------------
### Fortify Source Analysis
Source: https://context7.com/slimm609/checksec/llms.txt
Performs analysis on binaries or running processes to determine FORTIFY_SOURCE support and function safety.
```APIDOC
## GET /fortifyFile
### Description
Performs detailed FORTIFY_SOURCE analysis on a specific binary file.
### Method
GET
### Endpoint
checksec fortifyFile [file_path]
### Parameters
#### Path Parameters
- **file_path** (string) - Required - Path to the binary file
#### Query Parameters
- **--libc** (string) - Optional - Path to custom libc.so.6 for cross-compilation analysis
- **--output** (string) - Optional - Output format: table, xml, json, yaml
## GET /fortifyProc
### Description
Performs FORTIFY_SOURCE analysis on the executable associated with a running process ID.
### Method
GET
### Endpoint
checksec fortifyProc [pid]
### Parameters
#### Path Parameters
- **pid** (integer) - Required - Process ID of the running application
```
--------------------------------
### Check All Running Processes (YAML Output)
Source: https://context7.com/slimm609/checksec/llms.txt
Scans all running processes and outputs their security hardening features in YAML format.
```bash
checksec procAll --output yaml
```
--------------------------------
### Check Executable Properties (XML)
Source: https://github.com/slimm609/checksec/blob/main/docs/index.md
Output security properties of an executable in XML format.
```xml
```
--------------------------------
### Check Running Process by PID (JSON Output)
Source: https://context7.com/slimm609/checksec/llms.txt
Analyzes the executable of a running process by its PID and outputs the security hardening features in JSON format.
```bash
checksec proc 1234 --output json
```
--------------------------------
### Check Single Binary File (XML Output)
Source: https://context7.com/slimm609/checksec/llms.txt
Analyzes a single ELF binary and outputs the security hardening features in XML format.
```bash
checksec file /bin/ls --output xml
```
--------------------------------
### Check All Files in Directory (No Headers/Banner)
Source: https://context7.com/slimm609/checksec/llms.txt
Scans all ELF binaries in a directory, suppressing both the tool's banner and the output headers for cleaner, script-friendly output.
```bash
checksec dir /usr/bin/ --no-headers --no-banner
```
--------------------------------
### Check Single Binary File (YAML Output)
Source: https://context7.com/slimm609/checksec/llms.txt
Analyzes a single ELF binary and outputs the security hardening features in YAML format.
```bash
checksec file /bin/ls --output yaml
```
--------------------------------
### Identify FORTIFY_SOURCE Compilation Flag
Source: https://github.com/slimm609/checksec/blob/main/docs/index.md
Use the 'strings' command to find compilation flags, specifically looking for '-D_FORTIFY_SOURCE', within a binary. This helps determine if FORTIFY_SOURCE was enabled during compilation.
```bash
$ strings vim | grep FORTIFY
gcc -c -I. -Iproto -DHAVE_CONFIG_H -Wdate-time -g -O2 -ffile-prefix-map=/build/vim-CSyBG7/vim-8.2.3995=. -flto=auto -ffat-lto-objects -flto=auto -ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security -D_REENTRANT -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1
```
--------------------------------
### Utilize Global Flags and Options
Source: https://context7.com/slimm609/checksec/llms.txt
Common flags available across all checksec commands to control output formatting and specify library locations.
```bash
checksec --help
```
```bash
checksec file /bin/ls --output json --no-banner
checksec dir /usr/bin --output yaml --no-headers
checksec kernel --output xml
```
```bash
checksec file /mnt/target/usr/bin/app --libc /mnt/target/lib/libc.so.6
checksec dir /mnt/target/usr/bin --libc /mnt/target/lib/libc.so.6 --recursive
```
--------------------------------
### Check Executable Security Properties (JSON)
Source: https://github.com/slimm609/checksec/blob/main/README.md
Outputs security properties in JSON format. Ideal for integration with web applications and scripting languages. Use the --output json flag.
```bash
$ checksec file /bin/ls --output json
[
{
"checks": {
"canary": "Canary Found",
"fortified": "0",
"fortify_source": "No",
"fortifyable": "14",
"nx": "NX enabled",
"pie": "PIE Enabled",
"relro": "Partial RELRO",
"rpath": "No RPATH",
"runpath": "No RUNPATH",
"symbols": "No Symbols"
},
"name": "/bin/ls"
}
]
```
--------------------------------
### Check Executable Security Properties (XML)
Source: https://github.com/slimm609/checksec/blob/main/README.md
Outputs security properties in XML format. Suitable for systems that process XML data. Use the --output xml flag.
```bash
$ checksec file /bin/ls --output xml
/bin/ls
Canary Found
0
14
No
NX enabled
PIE Enabled
Partial RELRO
No RPATH
No RUNPATH
No Symbols
```
--------------------------------
### Check Single Binary File (No Banner)
Source: https://context7.com/slimm609/checksec/llms.txt
Analyzes a single ELF binary for security hardening features without displaying the tool's banner.
```bash
checksec file /usr/bin/ls --no-banner
```
--------------------------------
### Check Single Binary File (JSON Output)
Source: https://context7.com/slimm609/checksec/llms.txt
Analyzes a single ELF binary and outputs the security hardening features in JSON format, suitable for automation and CI/CD integration.
```bash
checksec file /bin/ls --output json
```
--------------------------------
### Reference Binary Security Properties
Source: https://context7.com/slimm609/checksec/llms.txt
Displays the security properties checked by the tool, such as RELRO status.
```bash
# Binary Security Properties:
# - RELRO: Full/Partial/No - Relocation Read-Only protection against GOT overwrites
```
--------------------------------
### Check Kernel Security Configurations
Source: https://github.com/slimm609/checksec/blob/main/README.md
Displays security-related kernel configurations. This command is useful for understanding the security hardening of the running kernel. It shows the status and type of various kernel security features.
```bash
$ checksec kernel
_____ _ _ ______ _____ _ __ _____ ______ _____
/ ____| | | | ____/ ____| |/ // ____| ____/ ____|
| | | |__| | |__ | | | ' /| (___ | |__ | |
| | | __ | __|| | | < \___ \| __|| |
| |____| | | | |___| |____| . \ ____) | |___| |____
\_____|_| |_|______\_____|_|\_\_____/|______\_____|
Kernel configs only print what is supported by the specific kernel/kernel config
Description Value Check Type Config Key
Virtually-mapped kernel stack Disabled Kernel Config CONFIG_VMAP_STACK
Harden str/mem functions Disabled Kernel Config CONFIG_FORTIFY_SOURCE
Restrict Kernel RWX Enabled Kernel Config CONFIG_STRICT_KERNEL_RWX
```
--------------------------------
### Export Kernel Security Checks to XML
Source: https://github.com/slimm609/checksec/blob/main/README.md
Use this command to output kernel security configuration status in XML format.
```bash
$ checksec kernel --output xml
CONFIG_IO_STRICT_DEVMEM
Restrict I/O access to /dev/mem
Disabled
Kernel Config
CONFIG_STRICT_MODULE_RWX
Restrict Module RWX
Enabled
Kernel Config
CONFIG_SECURITY_SELINUX
SELinux Kernel Flag
Disabled
Kernel Config
```
--------------------------------
### Analyze Kernel Security Configurations
Source: https://context7.com/slimm609/checksec/llms.txt
Commands to verify kernel security settings using specific config files or system defaults, with support for structured output formats.
```bash
checksec kernel /boot/config-5.15.0-generic
```
```bash
checksec kernel --output json
```
```bash
checksec kernel --output yaml
```
--------------------------------
### Check All Files in Directory (Recursive)
Source: https://context7.com/slimm609/checksec/llms.txt
Recursively scans all ELF binaries in a directory and its subdirectories for security hardening features.
```bash
checksec dir /usr/bin/ --recursive
```
--------------------------------
### Check Executable Properties (JSON)
Source: https://github.com/slimm609/checksec/blob/main/docs/index.md
Output security properties of an executable in JSON format.
```json
{ "file": { "relro":"partial","canary":"yes","nx":"yes","pie":"no","rpath":"no","runpath":"no","filename":"/bin/ls" } }
```
--------------------------------
### Check Single Binary File (Table Output)
Source: https://context7.com/slimm609/checksec/llms.txt
Performs a basic security check on a single ELF binary and displays results in a table format. This is the default output.
```bash
checksec file /bin/ls
```
--------------------------------
### Check Executable Properties (CSV)
Source: https://github.com/slimm609/checksec/blob/main/docs/index.md
Output security properties of an executable in CSV format, suitable for programmatic parsing.
```bash
$ checksec --output=csv --file=/bin/ls
Partial RELRO,Canary found,NX enabled,No PIE,No RPATH,No RUNPATH,/bin/ls
```
--------------------------------
### Export Kernel Security Checks to JSON
Source: https://github.com/slimm609/checksec/blob/main/README.md
Use this command to output kernel security configuration status in JSON format.
```bash
$ checksec kernel --output json
[
{
"desc": "Hardened Usercopy",
"name": "CONFIG_HARDENED_USERCOPY",
"type": "Kernel Config",
"value": "Disabled"
},
{
"desc": "Harden str/mem functions",
"name": "CONFIG_FORTIFY_SOURCE",
"type": "Kernel Config",
"value": "Disabled"
},
{
"desc": "Restrict Kernel RWX",
"name": "CONFIG_STRICT_KERNEL_RWX",
"type": "Kernel Config",
"value": "Enabled"
},
{
"desc": "Virtually-mapped kernel stack",
"name": "CONFIG_VMAP_STACK",
"type": "Kernel Config",
"value": "Disabled"
}
]
```
--------------------------------
### Check Kernel Security Configuration
Source: https://context7.com/slimm609/checksec/llms.txt
Analyzes the current kernel security configuration by reading the kernel config file and sysctl values to check for hardening options.
```bash
checksec kernel
```
--------------------------------
### Check All Running Processes
Source: https://context7.com/slimm609/checksec/llms.txt
Scans all currently running processes on the system (excluding kernel threads and checksec itself) for security hardening features.
```bash
checksec procAll
```
--------------------------------
### Check Executable Security Properties (YAML)
Source: https://github.com/slimm609/checksec/blob/main/README.md
Outputs security properties in YAML format. Useful for programmatic parsing and integration with other tools. Specify --output yaml.
```bash
$ checksec file /bin/ls --output yaml
- checks:
canary: Canary Found
fortified: "0"
fortify_source: "No"
fortifyable: "14"
nx: NX enabled
pie: PIE Enabled
relro: Partial RELRO
rpath: No RPATH
runpath: No RUNPATH
symbols: No Symbols
name: /bin/ls
```
--------------------------------
### Check Running Process by PID
Source: https://context7.com/slimm609/checksec/llms.txt
Analyzes the executable of a running process identified by its Process ID (PID) for security hardening features.
```bash
checksec proc 1
```
--------------------------------
### Kernel Security Analysis
Source: https://context7.com/slimm609/checksec/llms.txt
Analyzes kernel configurations and sysctl settings to report on security features like ASLR, SELinux, and stack protection.
```APIDOC
## GET /kernel
### Description
Analyzes the current system kernel configuration or a provided kernel config file to report on enabled security features.
### Method
GET
### Endpoint
checksec kernel [config_file]
### Parameters
#### Path Parameters
- **config_file** (string) - Optional - Path to a specific kernel config file (e.g., /boot/config-5.15.0-generic)
#### Query Parameters
- **--output** (string) - Optional - Output format: table, xml, json, yaml (default "table")
### Response
#### Success Response (200)
- **desc** (string) - Description of the security check
- **name** (string) - Configuration key or setting name
- **type** (string) - Type of check (Kernel Config, Sysctl, SELinux)
- **value** (string) - Current status (Enabled/Disabled)
```
--------------------------------
### Verify Checksec Signature
Source: https://github.com/slimm609/checksec/blob/main/docs/index.md
Manually verify the integrity of the checksec script using its public key and signature.
```bash
openssl dgst -sha256 -verify checksec.pub -signature checksec.sig checksec
```
=== COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.