Why I built this I've worked in embedded development and in security tooling. There was a gap where those two worlds met. Binary hardening checks — RELRO, PIE, stack protection — are things embedded developers naturally think about. But there's no tool to automate them in CI (at least none I could find). SCA tools check your source code and licenses, but they don't look at the hardening state of the binary you actually ship. I thought there was demand for something that filled that gap, so I built it. What are hardening flags? Hardening flags are security features applied by the compiler or linker at build time. The five main ones for ELF binaries: RELRO (Relocation Read-Only) : Makes the GOT read-only. Full RELRO is ideal. Stack Canary : A canary value placed on the stack to detect buffer overflows. If it's been tampered with before the function returns, the process terminates. NX (No eXecute) : Marks the stack and heap as non-executable. Basic defense against shellcode injection.…