Thursday, December 3, 2009

Sigverif

For File Signature Verification, I noticed a tool in Windows that installed by default in several win32 platform, namely sigverif. To execute the tool, type 'sigverif' at the Run tab.

Sigverif able to scan the system folder to find the unsigned system files or driver files. The scanning path can be defined by ourself eg SYSTEM/Driver,etc.

Yet, the tool only able to inform us about the unsigned file, nothing else it able to do eg export to result to csv, or further investigate the file details.

Here the scanning result of my Windows VM :

No comments:

Post a Comment