checksec - check executables and kernel properties
checksec [options] [file]
checksec is a bash script used to check the properties of
executables (like PIE, RELRO, PaX, Canaries, ASLR, Fortify Source) and
kernel security options (like GRSecurity and SELinux).
- -o or --output or
--format {cli|csv|xml|json}
- Output the results in different formats for ingestion to other
applications. NOTE: This option must go before any other options
currently
- -h or --help
- Displays the help text
- -f or --file
- Checks individual files for security features compiled into the
executable
- -d or --dir
- Recursively checks all executable files in the directory for security
features compiled into the executables
- -p or --proc
- Checks the security features of a running process by name
- -pa or
--proc-all
- Checks the security features of all running processes
- -pl or
--proc-libs
- Checks the security features of the all libraries of a running process
ID
- -k or
--kernel
- Checks the security features of the running kernel or a specified kernel
config
- -ff or
--fortify-file
- Checks the fortifiability of a file and if any of the fortifiable features
have already been compiled into the file
- -fp or
--fortify-proc
- Checks the fortifiability of a running process and if any of the
fortifiable features have already been compiled in
- --version
- Shows the current version of the running software
- -u or --update or
--upgrade
- Checks source for a signed update and updates the application if available
The following diagnostics may be issued on stderr:
Permission Denied.
For most of the checks you must be root..
Debugging
--debug option can be specified for debug level
output
Brian Davis <slimm609 at gmail dot com>
Checksec was originally written by Tobias Klein