Security Verification: BinScope Binary Analyzer

Security Verification: BinScope Binary Analyzer

  • Comments 3

The BinScope Binary Analyzer is a Microsoft verification tool that analyzes binaries to ensure that they have been built in compliance with Microsoft’s Security Development Lifecycle (SDL) requirements and recommendations.  BinScope checks that SDL-required compiler/linker flags are being set, strong-named assemblies are in use, and up-to-date build tools are in place.

BinScope also reports on dangerous constructs that are prohibited or discouraged by the SDL (e.g. read/write shared sections and global function pointers).  For a more detailed enumeration of the checks performed by BinScope, please see the BinScope documentation.  BinScope is available in two forms: as a standalone executable and as a Visual Studio add-on.

Get the tool…

Leave a Comment
  • Please add 6 and 2 and type the answer here:
  • Post
  • Hello,

    I am not sure where to report it, but BinScope will raise "NXCheck" failures for 64-bit executables not marked as /NXCOMPAT.

    However since 64-bit executables on 64-bit operating systems are always DEP-enabled, it looks like a false positive to me.

  • I think this is because BinScope checks for the NX bit in the PE header.  It does not verify whether the executable is actually DEP compatible.  So the 64-bit executables should have this bit set, in my opinion.

  • Can I use Binscope to verify an exe package built using a jar file and 2 dlls?

Page 1 of 1 (3 items)