Checkec is an excellent tool written by Tobias Klein for identifying security features which were selected or omitted at compile-time on any given Linux binary.

We rarely compile things for ourselves these days, but rather implicitly trust the person who packaged the software we use to have made good choices with security-relevant compiler options when compiling the binary for us. checksec does a deep dive on a binary by using the readelf command to closely examine the binary and then parses out the results into an easily readable table, or to json for further processing.

Opensource.com has produced an excellent article on the subject available here: https://opensource.com/article/21/6/linux-checksec.

And the author’s project page with detailed explanations of each of the items the tool checks is available here: https://www.trapkit.de/tools/checksec/.

dcd