### Install Checksec via Go Source: https://context7.com/slimm609/checksec/llms.txt Installs the latest version of Checksec using the Go toolchain. ```bash go install github.com/slimm609/checksec/v3@latest ``` -------------------------------- ### Check Executable Security Properties (CLI) Source: https://github.com/slimm609/checksec/blob/main/README.md Use this command to display security properties of an executable in a human-readable CLI format. No special setup is required. ```bash $checksec file /bin/ls RELRO Stack Canary NX PIE RPATH RUNPATH Symbols FORTIFY Fortified Fortifiable Name Partial RELRO Canary Found NX enabled PIE Enabled No RPATH No RUNPATH No Symbols No 0 14 /bin/ls ``` -------------------------------- ### Build Checksec from Source Source: https://context7.com/slimm609/checksec/llms.txt Clones the Checksec repository and builds the executable from source. ```bash git clone https://github.com/slimm609/checksec.git cd checksec make build ``` -------------------------------- ### Check FORTIFY_SOURCE Support for a Process Source: https://github.com/slimm609/checksec/blob/main/README.md Tests a running process (PID 1) for FORTIFY_SOURCE support. This command provides a detailed breakdown of FORTIFY_SOURCE status in both the binary and the linked libc. ```bash $ checksec fortifyProc 1 _____ _ _ ______ _____ _ __ _____ ______ _____ / ____| | | | ____/ ____| |/ // ____| ____/ ____| | | | |__| | |__ | | | ' /| (___ | |__ | | | | | __ | __|| | | < \___ \| __|| | | |____| | | | |___| |____| . \ ____) | |___| |____ \_____|_| |_|______\_____|_|\_\_____/|______\_____| * FORTIFY_SOURCE support available (libc): Yes * Binary compiled with FORTIFY_SOURCE support: No ------ EXECUTABLE-FILE ------- | -------- LIBC -------- Fortifiable library functions | Checked function names Coming Soon SUMMARY * Number of checked functions in libc : 18 * Total number of library functions in the executable: 2011 * Number of Fortifiable functions in the executable : 12 * Number of checked functions in the executable : 0 * Number of unchecked functions in the executable : 12 ``` -------------------------------- ### Check Fortify Source Status (CLI) Source: https://github.com/slimm609/checksec/blob/main/docs/index.md Analyze a running process for FORTIFY_SOURCE support and identify which functions are checked. This provides a detailed breakdown of security checks. ```bash $ checksec --fortify-proc=1 * Process name (PID) : init (1) * FORTIFY_SOURCE support available (libc) : Yes * Binary compiled with FORTIFY_SOURCE support: Yes ------ EXECUTABLE-FILE ------- . -------- LIBC -------- FORTIFY-able library functions | Checked function names ------------------------------------------------------- fdelt_chk | __fdelt_chk read | __read_chk syslog_chk | __syslog_chk fprintf_chk | __fprintf_chk vsnprintf_chk | __vsnprintf_chk fgets | __fgets_chk strncpy | __strncpy_chk snprintf_chk | __snprintf_chk memset | __memset_chk strncat_chk | __strncat_chk memcpy | __memcpy_chk fread | __fread_chk sprintf_chk | __sprintf_chk SUMMARY: * Number of checked functions in libc : 78 * Total number of library functions in the executable: 116 * Number of FORTIFY-able functions in the executable : 13 * Number of checked functions in the executable : 7 * Number of unchecked functions in the executable : 6 ``` -------------------------------- ### Check Running Process with Custom Libc Source: https://context7.com/slimm609/checksec/llms.txt Analyzes a running process's executable, specifying a custom libc path for more accurate Fortify detection. ```bash checksec proc 1234 --libc /path/to/libc.so.6 ``` -------------------------------- ### Perform FORTIFY_SOURCE Analysis on Binaries Source: https://context7.com/slimm609/checksec/llms.txt Analyzes binary files to determine FORTIFY_SOURCE support and function coverage. Use the --libc flag when analyzing binaries for different architectures. ```bash checksec fortifyFile /usr/bin/ls ``` ```bash checksec fortifyFile /path/to/binary --libc /path/to/target/libc.so.6 ``` ```bash checksec fortifyFile /usr/bin/ls --output json ``` -------------------------------- ### Check All Files in Directory (JSON Output) Source: https://context7.com/slimm609/checksec/llms.txt Scans all ELF binaries in a directory and outputs the security hardening features in JSON format, useful for CI/CD integration. Includes --no-banner to suppress the tool's header. ```bash checksec dir /usr/bin/ --output json --no-banner ``` -------------------------------- ### Check All Files in Directory Source: https://context7.com/slimm609/checksec/llms.txt Scans all ELF binaries within a specified directory for security hardening features. Results are displayed in a table by default. ```bash checksec dir /usr/bin/ ``` -------------------------------- ### Perform FORTIFY_SOURCE Analysis on Running Processes Source: https://context7.com/slimm609/checksec/llms.txt Analyzes the executable associated with a specific process ID. Requires appropriate permissions to access the process memory or executable path. ```bash checksec fortifyProc 1 ``` ```bash checksec fortifyProc 1234 --output json ``` ```bash checksec fortifyProc 1234 --libc /path/to/libc.so.6 ``` -------------------------------- ### Check All Running Processes (JSON Output) Source: https://context7.com/slimm609/checksec/llms.txt Scans all running processes and outputs their security hardening features in JSON format, suitable for system monitoring. Includes --no-banner. ```bash checksec procAll --output json --no-banner ``` -------------------------------- ### Check Kernel Security Features (XML) Source: https://github.com/slimm609/checksec/blob/main/docs/index.md Output the status of kernel hardening options in XML format. ```xml ``` -------------------------------- ### Check Kernel Security Features (CLI) Source: https://github.com/slimm609/checksec/blob/main/docs/index.md Display the status of various kernel hardening options in a human-readable CLI format. This helps assess the kernel's resistance to attacks. ```bash $ checksec --kernel * Kernel protection information: Description - List the status of kernel protection mechanisms. Rather than insp ect kernel mechanisms that may aid in the prevention of exploitation of userspace processes, this option lists the status of kernel configuration options that harden the kernel itself against attack. Kernel config: /proc/config.gz GCC stack protector support: Enabled Strict user copy checks: Disabled Enforce read-only kernel data: Disabled Restrict /dev/mem access: Enabled Restrict /dev/kmem access: Enabled * Kernel Heap Hardening: No KERNHEAP The KERNHEAP hardening patchset is available here: https://www.subreption.com/kernheap/ ``` -------------------------------- ### Check Kernel Security Features (JSON) Source: https://github.com/slimm609/checksec/blob/main/docs/index.md Output the status of kernel hardening options in JSON format. ```json { "kernel": { "KernelConfig":"/boot/config-3.11-2-amd64","gcc_stack_protector":"yes","strict_user_copy_check":"no","ro_kernel_data":"yes","restrict_dev_mem_access":"yes","restrict_dev_kmem_access":"no" },{ "kernheap_config":"no" } } ``` -------------------------------- ### Check Executable Properties (CLI) Source: https://github.com/slimm609/checksec/blob/main/docs/index.md Display security properties of an executable in a human-readable CLI format. This is the default output. ```bash $ checksec --file=/bin/ls RELRO STACK CANARY NX PIE RPATH RUNPATH FILE Partial RELRO Canary found NX enabled No PIE No RPATH No RUNPATH /bin/ls ``` -------------------------------- ### Fortify Source Analysis Source: https://context7.com/slimm609/checksec/llms.txt Performs analysis on binaries or running processes to determine FORTIFY_SOURCE support and function safety. ```APIDOC ## GET /fortifyFile ### Description Performs detailed FORTIFY_SOURCE analysis on a specific binary file. ### Method GET ### Endpoint checksec fortifyFile [file_path] ### Parameters #### Path Parameters - **file_path** (string) - Required - Path to the binary file #### Query Parameters - **--libc** (string) - Optional - Path to custom libc.so.6 for cross-compilation analysis - **--output** (string) - Optional - Output format: table, xml, json, yaml ## GET /fortifyProc ### Description Performs FORTIFY_SOURCE analysis on the executable associated with a running process ID. ### Method GET ### Endpoint checksec fortifyProc [pid] ### Parameters #### Path Parameters - **pid** (integer) - Required - Process ID of the running application ``` -------------------------------- ### Check All Running Processes (YAML Output) Source: https://context7.com/slimm609/checksec/llms.txt Scans all running processes and outputs their security hardening features in YAML format. ```bash checksec procAll --output yaml ``` -------------------------------- ### Check Executable Properties (XML) Source: https://github.com/slimm609/checksec/blob/main/docs/index.md Output security properties of an executable in XML format. ```xml ``` -------------------------------- ### Check Running Process by PID (JSON Output) Source: https://context7.com/slimm609/checksec/llms.txt Analyzes the executable of a running process by its PID and outputs the security hardening features in JSON format. ```bash checksec proc 1234 --output json ``` -------------------------------- ### Check Single Binary File (XML Output) Source: https://context7.com/slimm609/checksec/llms.txt Analyzes a single ELF binary and outputs the security hardening features in XML format. ```bash checksec file /bin/ls --output xml ``` -------------------------------- ### Check All Files in Directory (No Headers/Banner) Source: https://context7.com/slimm609/checksec/llms.txt Scans all ELF binaries in a directory, suppressing both the tool's banner and the output headers for cleaner, script-friendly output. ```bash checksec dir /usr/bin/ --no-headers --no-banner ``` -------------------------------- ### Check Single Binary File (YAML Output) Source: https://context7.com/slimm609/checksec/llms.txt Analyzes a single ELF binary and outputs the security hardening features in YAML format. ```bash checksec file /bin/ls --output yaml ``` -------------------------------- ### Identify FORTIFY_SOURCE Compilation Flag Source: https://github.com/slimm609/checksec/blob/main/docs/index.md Use the 'strings' command to find compilation flags, specifically looking for '-D_FORTIFY_SOURCE', within a binary. This helps determine if FORTIFY_SOURCE was enabled during compilation. ```bash $ strings vim | grep FORTIFY gcc -c -I. -Iproto -DHAVE_CONFIG_H -Wdate-time -g -O2 -ffile-prefix-map=/build/vim-CSyBG7/vim-8.2.3995=. -flto=auto -ffat-lto-objects -flto=auto -ffat-lto-objects -fstack-protector-strong -Wformat -Werror=format-security -D_REENTRANT -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=1 ``` -------------------------------- ### Utilize Global Flags and Options Source: https://context7.com/slimm609/checksec/llms.txt Common flags available across all checksec commands to control output formatting and specify library locations. ```bash checksec --help ``` ```bash checksec file /bin/ls --output json --no-banner checksec dir /usr/bin --output yaml --no-headers checksec kernel --output xml ``` ```bash checksec file /mnt/target/usr/bin/app --libc /mnt/target/lib/libc.so.6 checksec dir /mnt/target/usr/bin --libc /mnt/target/lib/libc.so.6 --recursive ``` -------------------------------- ### Check Executable Security Properties (JSON) Source: https://github.com/slimm609/checksec/blob/main/README.md Outputs security properties in JSON format. Ideal for integration with web applications and scripting languages. Use the --output json flag. ```bash $ checksec file /bin/ls --output json [ { "checks": { "canary": "Canary Found", "fortified": "0", "fortify_source": "No", "fortifyable": "14", "nx": "NX enabled", "pie": "PIE Enabled", "relro": "Partial RELRO", "rpath": "No RPATH", "runpath": "No RUNPATH", "symbols": "No Symbols" }, "name": "/bin/ls" } ] ``` -------------------------------- ### Check Executable Security Properties (XML) Source: https://github.com/slimm609/checksec/blob/main/README.md Outputs security properties in XML format. Suitable for systems that process XML data. Use the --output xml flag. ```bash $ checksec file /bin/ls --output xml /bin/ls Canary Found 0 14 No NX enabled PIE Enabled Partial RELRO No RPATH No RUNPATH No Symbols ``` -------------------------------- ### Check Single Binary File (No Banner) Source: https://context7.com/slimm609/checksec/llms.txt Analyzes a single ELF binary for security hardening features without displaying the tool's banner. ```bash checksec file /usr/bin/ls --no-banner ``` -------------------------------- ### Check Single Binary File (JSON Output) Source: https://context7.com/slimm609/checksec/llms.txt Analyzes a single ELF binary and outputs the security hardening features in JSON format, suitable for automation and CI/CD integration. ```bash checksec file /bin/ls --output json ``` -------------------------------- ### Reference Binary Security Properties Source: https://context7.com/slimm609/checksec/llms.txt Displays the security properties checked by the tool, such as RELRO status. ```bash # Binary Security Properties: # - RELRO: Full/Partial/No - Relocation Read-Only protection against GOT overwrites ``` -------------------------------- ### Check Kernel Security Configurations Source: https://github.com/slimm609/checksec/blob/main/README.md Displays security-related kernel configurations. This command is useful for understanding the security hardening of the running kernel. It shows the status and type of various kernel security features. ```bash $ checksec kernel _____ _ _ ______ _____ _ __ _____ ______ _____ / ____| | | | ____/ ____| |/ // ____| ____/ ____| | | | |__| | |__ | | | ' /| (___ | |__ | | | | | __ | __|| | | < \___ \| __|| | | |____| | | | |___| |____| . \ ____) | |___| |____ \_____|_| |_|______\_____|_|\_\_____/|______\_____| Kernel configs only print what is supported by the specific kernel/kernel config Description Value Check Type Config Key Virtually-mapped kernel stack Disabled Kernel Config CONFIG_VMAP_STACK Harden str/mem functions Disabled Kernel Config CONFIG_FORTIFY_SOURCE Restrict Kernel RWX Enabled Kernel Config CONFIG_STRICT_KERNEL_RWX ``` -------------------------------- ### Export Kernel Security Checks to XML Source: https://github.com/slimm609/checksec/blob/main/README.md Use this command to output kernel security configuration status in XML format. ```bash $ checksec kernel --output xml CONFIG_IO_STRICT_DEVMEM Restrict I/O access to /dev/mem Disabled Kernel Config CONFIG_STRICT_MODULE_RWX Restrict Module RWX Enabled Kernel Config CONFIG_SECURITY_SELINUX SELinux Kernel Flag Disabled Kernel Config ``` -------------------------------- ### Analyze Kernel Security Configurations Source: https://context7.com/slimm609/checksec/llms.txt Commands to verify kernel security settings using specific config files or system defaults, with support for structured output formats. ```bash checksec kernel /boot/config-5.15.0-generic ``` ```bash checksec kernel --output json ``` ```bash checksec kernel --output yaml ``` -------------------------------- ### Check All Files in Directory (Recursive) Source: https://context7.com/slimm609/checksec/llms.txt Recursively scans all ELF binaries in a directory and its subdirectories for security hardening features. ```bash checksec dir /usr/bin/ --recursive ``` -------------------------------- ### Check Executable Properties (JSON) Source: https://github.com/slimm609/checksec/blob/main/docs/index.md Output security properties of an executable in JSON format. ```json { "file": { "relro":"partial","canary":"yes","nx":"yes","pie":"no","rpath":"no","runpath":"no","filename":"/bin/ls" } } ``` -------------------------------- ### Check Single Binary File (Table Output) Source: https://context7.com/slimm609/checksec/llms.txt Performs a basic security check on a single ELF binary and displays results in a table format. This is the default output. ```bash checksec file /bin/ls ``` -------------------------------- ### Check Executable Properties (CSV) Source: https://github.com/slimm609/checksec/blob/main/docs/index.md Output security properties of an executable in CSV format, suitable for programmatic parsing. ```bash $ checksec --output=csv --file=/bin/ls Partial RELRO,Canary found,NX enabled,No PIE,No RPATH,No RUNPATH,/bin/ls ``` -------------------------------- ### Export Kernel Security Checks to JSON Source: https://github.com/slimm609/checksec/blob/main/README.md Use this command to output kernel security configuration status in JSON format. ```bash $ checksec kernel --output json [ { "desc": "Hardened Usercopy", "name": "CONFIG_HARDENED_USERCOPY", "type": "Kernel Config", "value": "Disabled" }, { "desc": "Harden str/mem functions", "name": "CONFIG_FORTIFY_SOURCE", "type": "Kernel Config", "value": "Disabled" }, { "desc": "Restrict Kernel RWX", "name": "CONFIG_STRICT_KERNEL_RWX", "type": "Kernel Config", "value": "Enabled" }, { "desc": "Virtually-mapped kernel stack", "name": "CONFIG_VMAP_STACK", "type": "Kernel Config", "value": "Disabled" } ] ``` -------------------------------- ### Check Kernel Security Configuration Source: https://context7.com/slimm609/checksec/llms.txt Analyzes the current kernel security configuration by reading the kernel config file and sysctl values to check for hardening options. ```bash checksec kernel ``` -------------------------------- ### Check All Running Processes Source: https://context7.com/slimm609/checksec/llms.txt Scans all currently running processes on the system (excluding kernel threads and checksec itself) for security hardening features. ```bash checksec procAll ``` -------------------------------- ### Check Executable Security Properties (YAML) Source: https://github.com/slimm609/checksec/blob/main/README.md Outputs security properties in YAML format. Useful for programmatic parsing and integration with other tools. Specify --output yaml. ```bash $ checksec file /bin/ls --output yaml - checks: canary: Canary Found fortified: "0" fortify_source: "No" fortifyable: "14" nx: NX enabled pie: PIE Enabled relro: Partial RELRO rpath: No RPATH runpath: No RUNPATH symbols: No Symbols name: /bin/ls ``` -------------------------------- ### Check Running Process by PID Source: https://context7.com/slimm609/checksec/llms.txt Analyzes the executable of a running process identified by its Process ID (PID) for security hardening features. ```bash checksec proc 1 ``` -------------------------------- ### Kernel Security Analysis Source: https://context7.com/slimm609/checksec/llms.txt Analyzes kernel configurations and sysctl settings to report on security features like ASLR, SELinux, and stack protection. ```APIDOC ## GET /kernel ### Description Analyzes the current system kernel configuration or a provided kernel config file to report on enabled security features. ### Method GET ### Endpoint checksec kernel [config_file] ### Parameters #### Path Parameters - **config_file** (string) - Optional - Path to a specific kernel config file (e.g., /boot/config-5.15.0-generic) #### Query Parameters - **--output** (string) - Optional - Output format: table, xml, json, yaml (default "table") ### Response #### Success Response (200) - **desc** (string) - Description of the security check - **name** (string) - Configuration key or setting name - **type** (string) - Type of check (Kernel Config, Sysctl, SELinux) - **value** (string) - Current status (Enabled/Disabled) ``` -------------------------------- ### Verify Checksec Signature Source: https://github.com/slimm609/checksec/blob/main/docs/index.md Manually verify the integrity of the checksec script using its public key and signature. ```bash openssl dgst -sha256 -verify checksec.pub -signature checksec.sig checksec ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.