PowerShell module to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, and Authenticode.
Switch branches/tags
Nothing to show
Clone or download
egru Change Windows check
The Windows check will now just look at the build number instead of the major/minor versions and build number.
Latest commit 50d4fe7 Aug 4, 2018
Permalink
Failed to load latest commit information.
Get-PESecurity.psm1 Change Windows check Aug 4, 2018
README.md Update README.md Jul 31, 2017
license.txt Create license.txt Mar 22, 2015

README.md

PESecurity

PowerShell script to check if a Windows binary (EXE/DLL) has been compiled with ASLR, DEP, SafeSEH, StrongNaming, Authenticode, Control Flow Guard, and HighEntropyVA.

Import the module

Import-Module .\Get-PESecurity.psm1
Check a single file

C:\PS> Get-PESecurity -file C:\Windows\System32\kernel32.dll

alt tag

Check a directory for DLLs & EXEs

C:\PS> Get-PESecurity -directory C:\Windows\System32\

alt tag

Check a directory for DLLs & EXEs recrusively

C:\PS> Get-PESecurity -directory C:\Windows\System32\ -recursive
Export results as a CSV

C:\PS>  Get-PESecurity -directory C:\Windows\System32\ -recursive | Export-CSV file.csv
Show results in a table

C:\PS> Get-PESecurity -directory C:\Windows\System32\ -recursive | Format-Table

alt tag

Show results in a table and sort by a column

C:\PS> Get-PESecurity -directory C:\Windows\System32\ -recursive | Format-Table | sort ASLR

Links