Security Open Source Tools That Are Integrated in the Automation Framework from Intel

winchecksec

Performs static detection of common Windows* security features.

  • Address Space Layout Randomization (ASLR)
  • Code integrity/signing
  • Data Execution Prevention (DEP a.k.a. W^X, NX)
  • Manifest isolation (/ALLOWISOLATION)
  • Structured Exception Handling and Safe Structured Exception Handlers (SEH) support
  • Control Flow Guard and Return Flow Guard instrumentation
  • Stack cookie (GuardStack (/GS)) support

GitHub*


checksec

Performs static security analysis on Executable and Linkable Format (ELF) binaries.

  • Looks into the ELF headers to extract the relevant security features
  • Run this tool on a Linux binary to generate a report on compiler defenses that were applied
    • Data Execution Prevention (DEP)
    • Address Space Layout Randomization (ASLR)
    • Relocation Read-Only (RELRO)
    • RUNPATH (RPATH)
    • Stack Canary

GitHub


BinSkim - Binary Analyzer

Provides security and correctness results for Windows Portable Executable (PE) and Executable and Linkable Format (ELF) binary formats.

  • Address Space Layout Randomization (ASLR)
  • High Entropy Virtual Addresses (VA)
  • Safe Structured Exception Handlers (SEH)
  • GuardStack (GS)
  • Authenticode
  • Control Flow Guard (CFG)
  • PE section marked as Writable & Executable
  • Load Image above 4GB
  • Import Section attribute Executable
  • Do not incorporate Vulnerable Dependencies
  • Critical compiler warnings

GitHub


Sigcheck* - Volatility Plugin

Validates Authenticode-signed processes, either with embedded signature or catalog-signed.

  • Signed, Signing Authority

GitHub


Binwalk* - Firmware Analysis Tool

Detects cryptographic algorithms and hard-coded secrets and paths.

  • Use of deprecated cryptographic algorithms
  • Use of hard-coded secrets and paths

GitHub

Legal Notices and Disclaimers

No product or component can be absolutely secure.

Intel does not control or audit third-party data. You should consult other sources to evaluate accuracy.

Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

No license (express or implied, by estoppel or otherwise) to any intellectual property rights is granted by this document.