Skip to content
A binary static analysis tool that provides security and correctness results for Windows Portable Executable and *nix ELF binary formats
C# Batchfile PowerShell Shell C C++
Branch: master
Clone or download
michaelcfanning Uwp no spectre (#255)
* Eliminate false positives for spectre issues fired against UWP native code.

* Update unit tests.
Latest commit 9cc57d8 Oct 29, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
.nuget Update nuget client. prepare for 1.4.5 release Dec 22, 2017
.vscode Adds some VSCode stubs for building/debugging, and adds applicability… Jan 12, 2018
docs Add workings faqs document. Jul 25, 2019
refs Verify that PDBs co-located with binaries match the binary. Provide t… Oct 22, 2019
src Uwp no spectre (#255) Oct 29, 2019
.coby.yml Populate repository with preliminary content Nov 20, 2015
.gitattributes Merge from elf binary support branch. Feb 1, 2018
.gitignore Update release history and remove erroneous .gitignore entry Feb 19, 2018
BinSkim.png Make package conform to new NuGet ship requirements. Aug 4, 2018
BuildAndTest.cmd Small fix to hopefully get publish working in VSTS build Jul 30, 2018 Update to non-Windows baselines for adding Spectre Rule Feb 13, 2018
BuildPackages.cmd Addressing comments, small fixes to build scripts. Jan 12, 2018
CreateLayoutDirectory.cmd Small change to signing setup script Aug 3, 2018
CreatePackagesFromLayoutDirectory.cmd Small change to signing setup script Aug 3, 2018
DelistCurrentPackages.cmd Update build scripts, etc. Last changes for 1.3.0 Apr 14, 2016
LICENSE Add ruleInfo export command. Update SARIF to 1.4.6. Update version to… Dec 11, 2015
PublishSignedPackages.cmd Update build scripts, etc. Last changes for 1.3.0 Apr 14, 2016 Merge pull request #178 from Microsoft/build-update Aug 3, 2018
SetCurrentVersion.cmd Results caching (#245) Sep 11, 2019

BinSkim Binary Analyzer

This repository contains the source code for BinSkim, a Portable Executable (PE) light-weight scanner that validates compiler/linker settings and other security-relevant binary characteristics.

For Developers

  1. Fork the repository -- Need Help?
  2. Load and compile src\BinSkim.sln to develop changes for contribution.
  3. Execute BuildAndTest.cmd at the root of the enlistment to validate before submitting a PR.

Submit Pull Requests

  1. Run BuildAndTest.cmd at the root of the enlistment to ensure that all tests pass, release build succeeds, and NuGet packages are created
  2. Submit a Pull Request to the 'develop' branch -- Need Help?

For Users

  1. Download BinSkim from NuGet
  2. Read the User Guide
  3. Find out more about the Static Analysis Results Interchange Format (SARIF) used to output Binskim results

Command-Line Quick Guide

Argument (short form, long form) Meaning
--sympath Symbols path value (e.g. SRV or Cache d:\symbols;Srv http://symweb)
-o, --output File path used to write and output analysis using SARIF
-v, --verbose Emit verbose output. The comprehensive report is designed to provide appropriate evidence for compliance scenarios
-r, --recurse Recurse into subdirectories when evaluating file specifier arguments
-c, --config (Default: ‘default’) Path to policy file to be used to configure analysis. Passing value of 'default' (or omitting the argument) invokes built-in settings
-q, --quiet Do not log results to the console
-s, --statistics Generate timing and other statistics for analysis session
-h, --hashes Output hashes of analysis targets when emitting SARIF reports
-e, --environment

Log machine environment details of run to output file.

WARNING: This option records potentially sensitive information (such as all environment variable values) to the log file.

-p, --plug-in Path to plug-in that will be invoked against all targets in the analysis set.
--help Table of argument information.
--version BinSkim version details.
value pos. 0 One or more specifiers to a file, directory, or filter pattern that resolves to one or more binaries to analyze.

Example: binskim.exe analyze c:\bld\*.dll --recurse --output MyRun.sarif

You can’t perform that action at this time.