Supported formats

Binary Valentine currently supports executable formats listed below.

Portable executable

All Windows executable files use Portable Executable format. Some other systems like EFI and X-Box also use it. Binary Valentine detects the following issues:

  • Security issues, such as absent hardening options (e.g. ASLR), insecure configurations (e.g. writable code sections), or usage of dangerous WinAPI functions.
  • Configuration issues, for example, version information bugs, application icon and manifest issues.
  • Optimization issues, which could be addressed to make the executable faster or smaller (e.g. profile-guided optimization usage).
  • System issues, which are related to the operating system misuse, such as deprecated or internal WinAPI usage, system compatibility issues, and DPI awareness.
  • Format issues, which are related to the PE format itself.

For Portable Executable, more than 190 rules are currently provided (See All rules). Most rules are single-executable, but some of them do combined analysis (e.g., version info cross-executable consistency check rules).

Windows Electron applications

For Electron applications, Binary Valentine provides a couple of rules which check that the Electron version used to build an application is recent and is not a preview (see All rules).