Security Verification: BinScope Binary Analyzer

The BinScope Binary Analyzer is a Microsoft verification tool that analyzes binaries to ensure that they have been built in compliance with Microsoft’s Security Development Lifecycle (SDL) requirements and recommendations.  BinScope checks that SDL-required compiler/linker flags are being set, strong-named assemblies are in use, and up-to-date build tools are in place.

BinScope also reports on dangerous constructs that are prohibited or discouraged by the SDL (e.g. read/write shared sections and global function pointers).  For a more detailed enumeration of the checks performed by BinScope, please see the BinScope documentation.  BinScope is available in two forms: as a standalone executable and as a Visual Studio add-on.

Get the tool…

Comments (3)

  1. newsoft says:


    I am not sure where to report it, but BinScope will raise "NXCheck" failures for 64-bit executables not marked as /NXCOMPAT.

    However since 64-bit executables on 64-bit operating systems are always DEP-enabled, it looks like a false positive to me.

  2. myiastudy says:

    I think this is because BinScope checks for the NX bit in the PE header.  It does not verify whether the executable is actually DEP compatible.  So the 64-bit executables should have this bit set, in my opinion.

  3. GP says:

    Can I use Binscope to verify an exe package built using a jar file and 2 dlls?

Skip to main content