./configure --with-libpcap-includes=/npcap-sdk/Include --with-libpcap-libraries=/npcap-sdk/Lib/x64 --with-libnss-libraries=/mingw64/lib/ --with-libnss-includes=/mingw64/include/nss3/ --with-libnspr-libraries=/mingw64/lib/ --with-libnspr-includes=/mingw64/include/nspr/ --enable-lua --disable-gccmarch-native --enable-gccprotect
make clean && make -j 2
For those reading from the future…
The suricata.exe will be in the src/.libs folder. Copy the suricata.exe to c:\suricataNew,
but you also need several DLLs. Those can be found in c:\msys64\mingw64\bin\*.dll
I took all of those DLLs (not all are needed) and put them in C:\suricataNew
From a security perspective, a non-admin user shouldn't be able to change the suricata.exe file. If an attacker can change the suricata file and you are running it as an admin user, the attacker can become admin. I am leaving out several details here, but the point is: protect exes that you run with elevated privs, or those exes can be used to own the machine.
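
One way to check the point above, as an added example that is not part of the original post: the script lists every ACL entry that lets a principal other than SYSTEM or Administrators modify the folder, suricata.exe or the DLLs beside it, and a second function restricts write access. The function names, the trusted-SID list and the read/execute grant for Users are assumptions of this example; a folder created directly under C:\ typically inherits write access for Authenticated Users, so check it rather than assume.

```powershell
# Added example. C:\suricataNew is the folder from the post; the function
# names and the trusted-SID list are assumptions of this example.
$InstallDir  = 'C:\suricataNew'
$TrustedSids = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544'   # BUILTIN\Administrators
)
# Rights that let a principal replace, delete or re-permission a file,
# or (on the folder itself) add a new DLL next to suricata.exe.
$WriteMask = [System.Security.AccessControl.FileSystemRights]'Write, Delete, ChangePermissions, TakeOwnership'

function Get-UntrustedWriteAce {
    param([string]$Path = $InstallDir)
    # Check the folder plus every exe and dll under it.
    $targets = @(Get-Item -LiteralPath $Path) +
               @(Get-ChildItem -LiteralPath $Path -Recurse -File |
                 Where-Object { $_.Extension -in '.exe', '.dll' })
    $sidType = [System.Security.Principal.SecurityIdentifier]
    foreach ($t in $targets) {
        $acl = Get-Acl -LiteralPath $t.FullName
        # Explicit and inherited entries, with identities returned as SIDs.
        foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if (([int]$ace.FileSystemRights -band [int]$WriteMask) -eq 0) { continue }
            if ($ace.IdentityReference.Value -in $TrustedSids) { continue }
            [pscustomobject]@{
                Path   = $t.FullName
                Sid    = $ace.IdentityReference.Value
                Rights = $ace.FileSystemRights
            }
        }
    }
}

function Set-AdminOnlyWrite {
    param([string]$Path = $InstallDir)
    # Drop inherited entries; Administrators and SYSTEM get full control,
    # Users (S-1-5-32-545) get read and execute only.
    icacls $Path /inheritance:r /grant:r '*S-1-5-32-544:(OI)(CI)F' '*S-1-5-18:(OI)(CI)F' '*S-1-5-32-545:(OI)(CI)RX'
    # Make the copied files take their ACL from the folder again.
    icacls "$Path\*" /reset /T /C
}

# Audit first; any row printed here is a principal that can tamper with the install.
Get-UntrustedWriteAce | Format-Table -AutoSize
# From an elevated prompt, tighten the ACL and re-run the audit:
# Set-AdminOnlyWrite; Get-UntrustedWriteAce
```

The audit reads ACL entries only; it does not account for rights held implicitly by a file's owner.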