Skip to content

attackgithub/binskim

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

431 Commits

.nuget

.nuget

 
 

.vscode

.vscode

 
 

docs

docs

 
 

refs

refs

 
 

src

src

 
 

.coby.yml

.coby.yml

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

BinSkim.png

BinSkim.png

 
 

BuildAndTest.cmd

BuildAndTest.cmd

 
 

BuildAndTest.sh

BuildAndTest.sh

 
 

BuildPackages.cmd

BuildPackages.cmd

 
 

CreateLayoutDirectory.cmd

CreateLayoutDirectory.cmd

 
 

CreatePackagesFromLayoutDirectory.cmd

CreatePackagesFromLayoutDirectory.cmd

 
 

DelistCurrentPackages.cmd

DelistCurrentPackages.cmd

 
 

LICENSE

LICENSE

 
 

PublishSignedPackages.cmd

PublishSignedPackages.cmd

 
 

README.md

README.md

 
 

SetCurrentVersion.cmd

SetCurrentVersion.cmd

 
 

Repository files navigation

BinSkim Binary Analyzer

This repository contains the source code for BinSkim, a Portable Executable (PE) light-weight scanner that validates compiler/linker settings and other security-relevant binary characteristics.

For Developers

  1. Fork the repository -- Need Help?
  2. Load and compile src\BinSkim.sln to develop changes for contribution.
  3. Execute BuildAndTest.cmd at the root of the enlistment to validate before submitting a PR.

Submit Pull Requests

  1. Run BuildAndTest.cmd at the root of the enlistment to ensure that all tests pass, release build succeeds, and NuGet packages are created
  2. Submit a Pull Request to the 'develop' branch -- Need Help?

For Users

  1. Download BinSkim from NuGet
  2. Read the User Guide
  3. Find out more about the Static Analysis Results Interchange Format (SARIF) used to output Binskim results

Command-Line Quick Guide

Argument (short form, long form) Meaning
--sympath Symbols path value (e.g. SRV http://msdl.microsoft.com/download/symbols or Cache d:\symbols;Srv http://symweb)
-o, --output File path used to write and output analysis using SARIF
-v, --verbose Emit verbose output. The comprehensive report is designed to provide appropriate evidence for compliance scenarios
-r, --recurse Recurse into subdirectories when evaluating file specifier arguments
-c, --config (Default: ‘default’) Path to policy file to be used to configure analysis. Passing value of 'default' (or omitting the argument) invokes built-in settings
-q, --quiet Do not log results to the console
-s, --statistics Generate timing and other statistics for analysis session
-h, --hashes Output hashes of analysis targets when emitting SARIF reports
-e, --environment

Log machine environment details of run to output file.

WARNING: This option records potentially sensitive information (such as all environment variable values) to the log file.
-p, --plug-in Path to plug-in that will be invoked against all targets in the analysis set.
--help Table of argument information.
--version BinSkim version details.
value pos. 0 One or more specifiers to a file, directory, or filter pattern that resolves to one or more binaries to analyze.

Example: binskim.exe analyze c:\bld\*.dll --recurse --output MyRun.sarif

About

A binary static analysis tool that provides security and correctness results for Windows Portable Executable and *nix ELF binary formats

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C# 93.6%
  • Batchfile 2.7%
  • PowerShell 2.3%
  • Shell 1.0%
  • C 0.3%
  • C++ 0.1%