1
2CHECKSEC(1) User Manuals CHECKSEC(1)
3
4
5
7 checksec - check executables and kernel properties
8
10 checksec [options] [file]
11
13 checksec is a bash script used to check the properties of executables
14 (like PIE, RELRO, PaX, Canaries, ASLR, Fortify Source) and kernel secu‐
15 rity options (like GRSecurity and SELinux).
16
18 --output= or --format= {cli|csv|xml|json}
19 Output the results in different formats for ingestion to other
20 applications. NOTE: This option must go before any other
21 options currently
22
23 --help Displays the help text
24
25 --file={filename}
26 Checks individual files for security features compiled into the
27 executable
28
29 --dir={directory}
30 Recursively checks all executable files in the directory for
31 security features compiled into the executables
32
33 --proc={pid}
34 Checks the security features of a running process by name
35
36 --proc-all
37 Checks the security features of all running processes
38
39 --proc-libs
40 Checks the security features of the all libraries of a running
41 process ID
42
43 --kernel[=kconfig]
44 Checks the security features of the running kernel or a speci‐
45 fied kernel config
46
47 --fortify-file={filename}
48 Checks the fortifiability of a file and if any of the fortifi‐
49 able features have already been compiled into the file
50
51 --fortify-proc={pid}
52 Checks the fortifiability of a running process and if any of the
53 fortifiable features have already been compiled in
54
55 --version
56 Shows the current version of the running software
57
58 --update or --upgrade
59 Checks source for a signed update and updates the application if
60 available
61
62
64 The following diagnostics may be issued on stderr:
65
66 Permission Denied.
67 For most of the checks you must be root..
68 Debugging
69 --debug option can be specified for debug level output
70
72 Brian Davis <slimm609 at gmail dot com>
73 Checksec was originally written by Tobias Klein
74
75
76
77Linux FEBURARY 2019 CHECKSEC(1)