Iris – WinDbg Extension To Perform Basic Detection Of Common Windows Exploit Mitigations

From prodefence.org

The Iris WinDbg extension performs basic detection of common Windows exploit mitigations (32 and 64 bits).


The checks implemented, as can be seen in the screenshot above, are (for the loaded modules):

  • DynamicBase
  • ASLR
  • DEP
  • SEH
  • SafeSEH
  • CFG
  • RFG
  • GS
  • AppContainer

If you don’t know the meaning of some of the keywords above, use Google; you’ll find better explanations than the ones I could give you.
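
Several of the checks listed above correspond to flags a module declares in its PE headers. The following Python example is added here for illustration; it is not Iris's code and not part of the original page. The function names and the sample header bytes are constructed, the ASLR rule (DynamicBase set and relocations not stripped) is an assumption about how those two entries differ, and SafeSEH, GS and RFG are left out because they are recorded in the load configuration directory rather than in these flags.

```python
import struct

# IMAGE_DLLCHARACTERISTICS_* bits of the PE optional header (winnt.h)
DLL_FLAGS = {
    "HighEntropyVA": 0x0020,
    "DynamicBase": 0x0040,
    "DEP": 0x0100,           # NX_COMPAT
    "NoSEH": 0x0400,         # image declares it uses no SEH handlers
    "AppContainer": 0x1000,
    "CFG": 0x4000,           # GUARD_CF
}
RELOCS_STRIPPED = 0x0001     # IMAGE_FILE_HEADER.Characteristics bit


def pe_mitigations(image: bytes) -> dict:
    """Return the mitigations a PE image declares in its headers."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not an MZ image")
    (e_lfanew,) = struct.unpack_from("<I", image, 0x3C)
    opt = e_lfanew + 24  # 4-byte signature + 20-byte IMAGE_FILE_HEADER
    if opt + 72 > len(image) or image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature or truncated headers")
    (file_chars,) = struct.unpack_from("<H", image, e_lfanew + 22)
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic not in (0x10B, 0x20B):  # PE32 / PE32+
        raise ValueError("unknown optional header magic")
    (dll_chars,) = struct.unpack_from("<H", image, opt + 70)  # same offset in both
    result = {name: bool(dll_chars & bit) for name, bit in DLL_FLAGS.items()}
    result["Bits"] = 64 if magic == 0x20B else 32
    # Assumption: ASLR is only effective if the image can actually be rebased
    result["ASLR"] = result["DynamicBase"] and not (file_chars & RELOCS_STRIPPED)
    return result


def build_sample(magic: int, file_chars: int, dll_chars: int) -> bytes:
    """Constructed header-only blob for the demo (not a loadable binary)."""
    image = bytearray(0x40 + 24 + 72)
    image[:2] = b"MZ"
    struct.pack_into("<I", image, 0x3C, 0x40)  # e_lfanew
    image[0x40:0x44] = b"PE\0\0"
    struct.pack_into("<H", image, 0x40 + 22, file_chars)
    struct.pack_into("<H", image, 0x40 + 24, magic)
    struct.pack_into("<H", image, 0x40 + 24 + 70, dll_chars)
    return bytes(image)


if __name__ == "__main__":
    print(pe_mitigations(build_sample(0x20B, 0x0022, 0x4160)))  # hardened x64
    print(pe_mitigations(build_sample(0x10B, 0x0103, 0x0140)))  # relocs stripped
```

The second sample shows why DynamicBase and ASLR are worth reporting separately: the flag is set, but with relocations stripped the image cannot be rebased.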
