The extrude project provides a powerful tool for analyzing binaries to identify missing security features, potential information disclosures, and more. Currently in early development, extrude supports the analysis of ELF and MachO binaries, with support for PE (Windows) binaries planned for future releases.

Features

extrude offers a comprehensive set of checks to enhance the security assessment of binaries. The following checks are supported:

ELF Binaries

• Position Independent Executable (PIE)
• RELocation Read-Only (RELRO)
• BIND NOW
• Fortified Source
• Stack Canary
• No-eXecute Stack (NX Stack)

MachO Binaries

• Position Independent Executable (PIE)
• Stack Canary
• No-eXecute Stack (NX Stack)
• No-eXecute Heap (NX Heap)
• Address Randomization Code (ARC)

Windows

• Support coming soon...

Usage

To analyze a binary, use the following command structure:

extrude [flags] [file]

Available flags include:

• -a, --all : Show details of all tests, not just those that failed.
• -w, --fail-on-warning : Exit with a non-zero status even if only warnings are found.
• -h, --help : Display help information for extrude.

Running with Docker

extrude can also be run via Docker for convenience:

docker run -v `pwd`:/blah -it ghcr.io/liamg/extrude /blah/targetfile

Future Enhancements

Plans for future development include:

• Support for PE binary analysis
• Integration of secret scanning capabilities
• Detection of binary packers

By leveraging extrude, security researchers can more effectively pinpoint vulnerabilities within binaries to bolster overall software security.