checksec::impl Namespace Reference

Classes
class	LoadedImage

Variables
constexpr const char	kDynamicBaseDescription []
constexpr const char	kASLRDescription []
constexpr const char	kHighEntropyVADescription []
constexpr const char	kForceIntegrityDescription []
constexpr const char	kNXDescription []
constexpr const char	kIsolationDescription []
constexpr const char	kSEHDescription []
constexpr const char	kCFGDescription []
constexpr const char	kAuthenticodeDescription []
constexpr const char	kRFGDescription []
constexpr const char	kSafeSEHDescription []
constexpr const char	kGSDescription []
constexpr const char	kDotNETDescription []
constexpr const char	kCetDescription []

Detailed Description

A namespace for winchecksec's implementation internals.

Members of this namespace are not part of the public API.

Variable Documentation

kASLRDescription

constexpr const char checksec::impl::kASLRDescription[]

constexpr

Initial value:

=
    "Binaries with ASLR support have randomized virtual memory layouts. "
    "ASLR is enabled by dynamic base support (without stripped relocation "
    "entries) or by using a managed runtime like .NET."

kAuthenticodeDescription

constexpr const char checksec::impl::kAuthenticodeDescription[]

constexpr

Initial value:

=
    "Binaries with Authenticode signatures are verified at load time."

kCetDescription

constexpr const char checksec::impl::kCetDescription[]

constexpr

Initial value:

=
    "Binaries with cet compat support will use "
    "the shadow stack (if available) to mitigate ROP."

kCFGDescription

constexpr const char checksec::impl::kCFGDescription[]

constexpr

Initial value:

=
    "Binaries with CFG enabled have additional protections on indirect calls."

kDotNETDescription

constexpr const char checksec::impl::kDotNETDescription[]

constexpr

Initial value:

=
    ".NET binaries run in a managed environment with many default mitigations."

kDynamicBaseDescription

constexpr const char checksec::impl::kDynamicBaseDescription[]

constexpr

Initial value:

=
    "Binaries with dynamic base support can be "
    "dynamically rebased, enabling ASLR."

kForceIntegrityDescription

constexpr const char checksec::impl::kForceIntegrityDescription[]

constexpr

Initial value:

=
    "Binaries with force integrity checking enabled perform additional "
    "Authenticode signing checks, including page hash checks."

kGSDescription

constexpr const char checksec::impl::kGSDescription[]

constexpr

Initial value:

=
    "Binaries with GS enabled have additional protections against stack-based "
    "buffer overflows."

kHighEntropyVADescription

constexpr const char checksec::impl::kHighEntropyVADescription[]

constexpr

Initial value:

=
    "Binaries with high entropy virtual address support can leverage more of "
    "the virtual memory space to strengthen ASLR."

kIsolationDescription

constexpr const char checksec::impl::kIsolationDescription[]

constexpr

Initial value:

=
    "Binaries with isolation support cause the Windows loader to perform "
    "a manifest lookup on program load."

kNXDescription

constexpr const char checksec::impl::kNXDescription[]

constexpr

Initial value:

=
    "Binaries with NX support can be run with hardware-enforced memory "
    "permissions (i.e., hardware DEP)."

kRFGDescription

constexpr const char checksec::impl::kRFGDescription[]

constexpr

Initial value:

=
    "Binaries with RFG enabled have additional return-oriented-programming "
    "protections."

kSafeSEHDescription

constexpr const char checksec::impl::kSafeSEHDescription[]

constexpr

Initial value:

=
    "Binaries with SafeSEH enabled have additional protections for stack-based "
    "structured exception handlers."

kSEHDescription

constexpr const char checksec::impl::kSEHDescription[]

constexpr

Initial value:

=
    "Binaries with SEH support can use structured exception handlers."