Supported formats

Binary Valentine currently supports executable formats listed below.

Portable executable

Portable Executable format is used extensively on Windows, EFI, X-Box. For this format, Binary Valentine detects various problems:

  • Security issues, such as absent hardening options (e.g. ASLR), insecure configurations (e.g. writable code sections), or usage of dangerous WinAPI functions.
  • Configuration issues, for example, version information bugs, application icon and manifest issues.
  • Optimization issues, which could be addressed to make the executable faster or smaller (e.g. profile-guided optimization usage).
  • System issues, which are related to the operating system misuse, such as deprecated or internal WinAPI usage, system compatibility issues, and DPI awareness.
  • Format issues, which are related to the PE format itself.

For Portable Executable, more than 160 rules are currently provided (See All rules). Most rules are single-executable, but some of them do combined analysis (e.g., version info cross-executable consistency check rules).