-
Some signing schemes, particularly around artifacts and metadata, rely on timestamp authorities to attest to when a signature was produced. (JARs and Authenticode are examples of this in the wild toda…
-
```
1. download http://live.sysinternals.com/psfile.exe
2. run the AuthentiCode verification on it
I'd expect this to validate just fine.
However, the result is
Asn1Error: Outer and countersign d…
-
Hi,
I'm trying to compile the latest yara-python code (version 4.2.3), and I'm getting a compilation error. I'm doing the build on a system running Rocky Linux 8.5. These are the commands I'm using…
-
PkixCertPathValidator does not validate against PkixParameters.Date when `PkixParameters.ValidityModel == ChainValidityModel`. In fact, any processing where the date can be set is completely commente…
-
As part of signing PE objects for booting UEFI payloads with secureboot, we (@RaitoBezarius and I) would need to add a PKCS#7 signature to PE objects.
This comes along with the efforts @RaitoBezari…
-
Hi! It would be nice if we could pass directory as an ` / ` argument. A lot of times when we are looking for a potential target in exploitable binary, we look in all external PE inside the target inst…
-
### Summary of the new feature / enhancement
TL;DR we need `Get-AuthenticodeSignature` to consider embedded (Authenticode) signatures even if the file is catalog signed. This is continuation of #84…
-
Code:
```
const path = require('path');
const file = path.resolve('dist\\ourbackups-win64.exe');
console.log(file);
const exehandler = require("authenticode-js").createAuthenticodeHandler(file);
…
-
**Describe the bug**
I am attempting to utilize PowerStig on a VM in Azure to generate MOFs from DISA-provided XCCDF files. However, I can't get the module to install successfully due to an authentic…
-
**Describe the bug**
Upgrade to version 1.0.36 throws this error
```
/opt/meshcentral/node_modules/node-forge/lib/asn1.js:508
throw error;
^
Error: Too few bytes to read ASN.1 va…