Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up

A binary static analysis tool that provides security and correctness results for Windows Portable Executable and *nix ELF binary formats

License

NotificationsYou must be signed in to change notification settings

microsoft/binskim

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

This repository contains the source code for BinSkim, a Portable Executable (PE) light-weight scanner that validates compiler/linker settings and other security-relevant binary characteristics.

For Developers

  1. Fork the repository --Need Help?
  2. Read theRule Contributions Guide
  3. Load and compilesrc\BinSkim.sln to develop changes for contribution.
  4. Execute BuildAndTest.cmd at the root of the enlistment to validate before submitting a PR.

Submit Pull Requests

  1. RunBuildAndTest.cmd at the root of the enlistment to ensure that all tests pass, release build succeeds, and NuGet packages are created
  2. Submit a Pull Request to the 'develop' branch --Need Help?

For Users

  1. Download BinSkim fromNuGet
  2. Read theUser Guide
  3. Find out more about the Static Analysis Results Interchange Format(SARIF) used to output Binskim results

How to extract the exe file from the nuget package

If you only want to run the Binskim tool without installing anything, then you can

  1. Download BinSkim fromNuGet
  2. Rename the file extension from .nupkg to .zip (ie. via commandline:rename microsoft.codeanalysis.binskim.x.y.z.nupkg microsoft.codeanalysis.binskim.x.y.z.zip)
  3. Unzip
  4. Executable files are now available in the OS specific folder withintools\netcoreapp3.1 (ie. linux-x64, win-x64, and osx-x64).
  5. Navigate to this location to invoke the executable:
    • Windows:binskim.exe analyze c:\bld\*.dll --recurse true --output MyRun.sarif
    • Linux/Unix:./BinSkim analyze /someDirectory/testBinary -o MyRun.sarif
    • Mac:./BinSkim analyze /someDirectory/testBinary -o MyRun.sarif
    • Using dotnet sdk:dotnet binskim.dll analyze /directoryPath/testBinary -o MyRun.sarif

Command-Line Quick Guide

Argument (short form, long form)Meaning
--traceExecution traces, expressed as a semicolon-delimited list enclosed in double quotes, that should be emitted to the console and log file (if appropriate). Valid values: PdbLoad, ScanTime, RuleScanTime, PeakWorkingSet, TargetsScanned, ResultsSummary.
--sympathSymbol paths, expressed as a semicolon-delimited list enclosed in double quotes. (e.g.SRV*https://msdl.microsoft.com/download/symbols orCache*d:\symbols;Srv*https://symweb) Seehttps://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/advanced-symsrv-use for syntax information.
--local-symbol-directoriesLocal directory paths, expressed as a semicolon-delimited list enclosed in double quotes, that will be examined when attempting to locate PDBs.
-o, --outputFile path used to write and output analysis usingSARIF
-r, --recurse [true|false]If true, recurse into subdirectories when evaluating file specifier arguments
-c, --config(Default: ‘default’) Path to policy file to be used to configure analysis. Passing value of 'default' (or omitting the argument) invokes built-in settings
-q, --quiet [true|false]If true, do not log results to the console
-s, --statisticsGenerate timing and other statistics for analysis session
--insertOptionally present data, expressed as a semicolon-delimited list enclosed in double quotes, that should be inserted into the log file. Valid values include Hashes, TextFiles, BinaryFiles, EnvironmentVariables, RegionSnippets, ContextRegionSnippets, ContextRegionSnippetPartialFingerprints, Guids, VersionControlDetails, and NondeterministicProperties.
-e, --environment [true|false]

If true, log machine environment details of run to output file.

WARNING: This option records potentially sensitive information (such as all environment variable values) to the log file.

-p, --pluginPaths to plugin, expressed as a semicolon-delimited list enclosed in double quotes, that will be invoked against all targets in the analysis set.
--rich-return-code [true|false]If true, output a more detailed exit code consisting of a series of flags about execution, rather than outputting '0' for success/'1' for failure (see codes below)
--levelFailure levels, expressed as a semicolon-delimited list enclosed in double quotes, that is used to filter the scan results. Valid values: Error, Warning and Note.
--kindResult kinds, expressed as a semicolon-delimited list enclosed in double quotes, that is used to filter the scan results. Valid values: Fail (for literal scan results), Pass, Review, Open, NotApplicable and Informational.
--baselineA Sarif file to be used as baseline.
--helpTable of argument information.
--versionBinSkim version details.
value pos. 0One or more specifiers to a file, directory, or filter pattern that resolves to one or more binaries to analyze.

Example:binskim.exe analyze c:\bld\*.dll --recurse true --output MyRun.sarif

About

A binary static analysis tool that provides security and correctness results for Windows Portable Executable and *nix ELF binary formats

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Packages

No packages published
[8]ページ先頭
©2009-2025 Movatter.jp