Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Add Mach-O security feature detection #2497

Open
wagoodman opened this issue Jan 16, 2024 · 0 comments
Open

Add Mach-O security feature detection #2497

wagoodman opened this issue Jan 16, 2024 · 0 comments
Labels
binary-analysis enhancement New feature or request
Milestone
Elevate binary ar...

Comments

@wagoodman
Copy link
Contributor

ELF security feature detections was added in #2443 . It would be nice to also add this same kind of features but for darwin (Mach-O formatted binaries).

Proposed features to detect:

  • Code signing, we could reuse/import functions from anchore/quill to do this.
  • PIE (same as in ELF)
  • Non-Executable stack/heap flags (similar to DEP in PE formatted files)
  • Stack canaries
  • Hardened runtimes, detectable in the binary's entitlements (there might be a function in anchore/quill for this)

There may be more features to detect that I'm unaware of.
@wagoodman wagoodman added enhancement New feature or request binary-analysis labels Jan 16, 2024
@wagoodman wagoodman mentioned this issue Jan 16, 2024
Merged
@wagoodman wagoodman added this to the Elevate binary artifacts milestone Feb 7, 2024
@wagoodman wagoodman added this to OSS Feb 7, 2024
@wagoodman wagoodman moved this to Backlog in OSS Feb 7, 2024
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
binary-analysis enhancement New feature or request
Projects
OSS
Status: Backlog
Milestone
Elevate binary artifacts
Development

No branches or pull requests
1 participant
@wagoodman