mirror of
https://github.com/mgeeky/Penetration-Testing-Tools.git
synced 2024-11-25 03:51:37 +01:00
update
This commit is contained in:
parent
8d24963a0c
commit
ddb2282e0a
@ -2,9 +2,10 @@
|
||||
|
||||
A Powershell script that signs input Executable file with fake Microsoft code-signing certificate to demonstrate risks of Code Signing attacks.
|
||||
|
||||
Script was borrowed from [Matt Graeber, @mattifestation](https://twitter.com/mattifestation) and his [_Code Signing Certificate Cloning Attacks and Defenses_](https://posts.specterops.io/code-signing-certificate-cloning-attacks-and-defenses-6f98657fc6ec) and **all credits are his**.
|
||||
Script was shamelessly borrowed from [Matt Graeber, @mattifestation](https://twitter.com/mattifestation) and his research titled [_Code Signing Certificate Cloning Attacks and Defenses_](https://posts.specterops.io/code-signing-certificate-cloning-attacks-and-defenses-6f98657fc6ec)
|
||||
**All credits go to Matt** - I merely copied it preserverance purposes.
|
||||
|
||||
As of 13/07/2022 this dumb trick still gets off the shelf malware evade detection of at least 8 modern security scanners.
|
||||
As of 13/07/2022 this **dumb trick** still gets off the shelf malware evade detection of at least 8 modern security scanners.
|
||||
|
||||
| What | Result |
|
||||
|------------------------------------------------------------------------------|-----------|
|
||||
|
Loading…
Reference in New Issue
Block a user