Security Verification: BinScope Binary Analyzer
The BinScope Binary Analyzer is a Microsoft verification tool that analyzes binaries to ensure that they have been built in compliance with Microsoft’s Security Development Lifecycle (SDL) requirements and recommendations. BinScope checks that SDL-required compiler/linker flags are being set, strong-named assemblies are in use, and up-to-date build tools are in place.
BinScope also reports on dangerous constructs that are prohibited or discouraged by the SDL (e.g. read/write shared sections and global function pointers). For a more detailed enumeration of the checks performed by BinScope, please see the BinScope documentation. BinScope is available in two forms: as a standalone executable and as a Visual Studio add-on.
Comments
- Anonymous
January 08, 2010
Hello,I am not sure where to report it, but BinScope will raise "NXCheck" failures for 64-bit executables not marked as /NXCOMPAT.However since 64-bit executables on 64-bit operating systems are always DEP-enabled, it looks like a false positive to me. - Anonymous
October 12, 2010
I think this is because BinScope checks for the NX bit in the PE header. It does not verify whether the executable is actually DEP compatible. So the 64-bit executables should have this bit set, in my opinion. - Anonymous
January 31, 2012
Can I use Binscope to verify an exe package built using a jar file and 2 dlls?