PEchecker

Powershell script to check if an image (EXE/DLL) has been compiled with ASLR, DEP, and SafeSEH.

Check a single file

C:\PS> ./Check-PESecurity.ps1 -file C:\Windows\System32\kernel32.dll

Check a directory for DLLs & EXEs

C:\PS> ./Check-PESecurity.ps1 -directory C:\Windows\System32\

Check a directory for DLLs & EXEs recrusively

C:\PS> ./Check-PESecurity.ps1 -directory C:\Windows\System32\ -recursive

Check for only DLLs & EXEs that are not compiled with ASLR

C:\PS> ./Check-PESecurity.ps1 -directory C:\Windows\System32\ -recursive -OnlyNoASLR

Check for only DLLs & EXEs that are not compiled with DEP

C:\PS> ./Check-PESecurity.ps1 -directory C:\Windows\System32\ -recursive -OnlyNoDEP

Check for only DLLs & EXEs that are not compiled with SafeSEH

C:\PS> ./Check-PESecurity.ps1 -directory C:\Windows\System32\ -recursive -OnlyNoSafeSEH

Show results with full path names

C:\PS> ./Check-PESecurity.ps1 -directory C:\Windows\System32\ -recursive -FullPath

Export results as a CSV

C:\PS> ./Check-PESecurity.ps1 -directory C:\Windows\System32\ -recursive | Export-CSV file.csv

Show results in a table

C:\PS> ./Check-PESecurity.ps1 -directory C:\Windows\System32\ -recursive | Format-Table

Show results in a table and sort by a column

C:\PS> ./Check-PESecurity.ps1 -directory C:\Windows\System32\ -recursive | Format-Table | sort ASLR

Show results in a list

C:\PS> ./Check-PESecurity.ps1 -directory C:\Windows\System32\ -recursive | Format-List

Links

Name		Name	Last commit message	Last commit date
Latest commit History 21 Commits
Check-PESecurity.ps1		Check-PESecurity.ps1
Get-PESecurity.psm1		Get-PESecurity.psm1
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

PEchecker

About

Releases

Packages

Languages

bonsaiviking/PEchecker

Folders and files

Latest commit

History

Repository files navigation

PEchecker

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages