EricZimmerman
commented
7 months ago You can generate them I guess.
What for? Everything is signed sha256. If the signature is intact it's all good.
Closed rawsGit closed 7 months ago
EricZimmerman
commented
7 months ago You can generate them I guess.
What for? Everything is signed sha256. If the signature is intact it's all good.
rawsGit
commented
7 months ago To ensure data integrity, after download. I will look into how to verify sha256 digital signatures. Ok to close issue. Thanks for the prompt response.
EricZimmerman
commented
7 months ago The signature does that for you. If any bit changes the signature won't validate.
rawsGit
commented
7 months ago Understood. I also see, now, that Github also ensures commits are legitimate(https://docs.github.com/en/authentication/managing-commit-signature-verification/displaying-verification-statuses-for-all-of-your-commits). Thank you, EZ.
Where can I locate the hash values of the full suite of tools, including the GetZimmermanTools.ps1 script?