William Woodruff

Results: 657 comments by William Woodruff

This is very helpful, thanks! As a first pass, checking for a `.text` section might be a reasonable solution here. But that's probably not general enough, since a PE could...

Agreed! This should be part of the default output (for JSON as well).

https://github.com/olliencc/WinBinaryAudit contains more advanced GS checks that we should probably build off of.

To elaborate: the current `/GS` detection is probably over-sensitive, since every recent build of the Windows CRT has stack cookies enabled and uses the default cookie to protect `_start` at...

Similarly, maybe a `-c cmd` mode to spawn a process for auditing.

We should probably de-icebox this: the fact that all memory in DR is executable means that we'll probably find crashes that won't happen when DEP is enabled.

I think `dr_virtual_alloc` + `MEMORY_BASIC_INFORMATION.Protect` will allow us to accomplish this.

Based on https://github.com/DynamoRIO/dynamorio/blob/f1713ec4a9a856d1038c6095da67a5bd95b6a1c7/core/win32/ntdll.c#L2016 and https://github.com/DynamoRIO/dynamorio/blob/f1713ec4a9a856d1038c6095da67a5bd95b6a1c7/core/win32/drwinapi/kernel32_mem.c#L460, I don't *think* DynamoRIO uses permissive memory. I also haven't been able to cause a ROP exploit under a DEP-protected binary run under `drrun`, so...

(Marking it as a candidate just in case I'm wrong.)