Toggle between light and dark mode.
Your selection will not be saved. From GDPR with ❤.

checksec.sh

A little tool for quickly surveying the mitigation technologies in use by processes on a Linux system.

Latest Version: v1.5 from 2011

Modern Linux distributions offer some mitigation techniques to make it harder to exploit software vulnerabilities reliably. Mitigations such as RELRO, NoExecute (NX), Stack Canaries, Address Space Layout Randomization (ASLR) and Position Independent Executables (PIE) have made reliably exploiting any vulnerabilities that do exist far more challenging. The checksec.sh script is designed to test what standard Linux OS and PaX security features are being used.

ⓘ Note

You can read more about the origin of the script here. 🧐

Usage Examples.

Check out the Release Notes for examples on how to use checksec.sh, as well as for background information on the features.

Latest Version.

You can download the latest version 1.5 of checksec.sh here.

For information on enhancements and defect fixes, please refer to the Release Notes.

SHA-256:

77b8a7fd9393d10def665658a41176ee745d5c7969a4a0f43cefcc8a4cd90947

Frequently Asked Questions.

checksec.sh depends on Bash version 3.2 and higher. Furthermore, the readelf command, which is part of the binutils package, is required for most of the checks.

It seems that the script file is not executable. Try the following command: chmod +x checksec.sh

checksec.sh should work on all Linux distributions. I successfully tested the script on Ubuntu Desktop and Server Edition, Fedora, openSUSE and Gentoo (Hardened).

History and Changes.

Version Date Changes
1.5 17-Nov-2011 Release Notes
1.4 14-Jan-2011 Release Notes
1.3.1 15-Jun-2010 New License
1.3 04-May-2010 Release Notes
1.2 02-Jan-2010 Release Notes
1.1 27-Dec-2009 Release Notes
1.0 28-Jan-2009 Release Notes