September 17, 2009

Microsoft's BinScope

Microsoft recently announced the public release of another tool set from their SDL bag. BinScope is an interesting tool for both hackers and developers, although its target audience is developers. In brief, here is what BinScope was developed for: checking a given binary file to confirm whether it uses any or all of the security features Microsoft provides in its compiler (Visual Studio) and operating systems. The analysis result tells you whether the binary was compiled to support /GS, /SafeSEH, NX, ASLR, ... or not.
This is not the first tool of its kind to be released. LookingGlass from Errata Security is a similar tool: it shows some of the flags checked by BinScope, plus a more interesting feature that lets you check running processes for those flags, and it also reports the possibly unsafe clib functions used in the binary. Process Explorer from Sysinternals is another tool that lets you check running processes for NX/DEP/ASLR compatibility, although it can hardly be classified in the same family of tools as those above.
