0.3.0

This release adds a fully featured GUI (based on the Qt library). It also includes various internal changes to the program core, as well as minor report message fixes and exception handling improvements.

0.2.0

This release adds new Authenticode signature checks for the portable executable format.

• Updated dependencies (pe_bliss2, fmt).
• Rules improved:
  • PE017: Executable is not signed - now properly checks if the Authenticode signature is present.
• New rules added:
  • PE047: Security directory format error
  • PE048: Authenticode signature format error
  • PE165: Incorrect Authenticode image hash value
  • PE166: Authenticode certificate store format warning
  • PE167: Incorrect Authenticode image page hashes
  • PE168: Absent Authenticode image page hashes
  • PE169: Authenticode image page hashes check error
  • PE170: Incorrect Authenticode message digest
  • PE171: Weak Authenticode image hash algorithm
  • PE172: Unable to check Authenticode image signature
  • PE173: Weak Authenticode signature RSA key size
  • PE174: Weak Authenticode signature ECDSA curve
  • PE175: Incorrect Authenticode image signature
  • PE176: Absent Authenticode timestamp counter-signature
  • PE177: Incorrect Authenticode timestamp counter-signature digest
  • PE178: Weak Authenticode timestamp counter-signature digest algorithm
  • PE179: Weak Authenticode timestamp counter-signature imprint digest algorithm
  • PE180: Incorrect Authenticode timestamp counter-signature
  • PE181: Absent Authenticode timestamp counter-signature signing time
  • PE182: Authenticode signature check error
  • PE184: Authenticode test signature
  • PE185: Authenticode signing certificate empty subject DN
  • PE186: Authenticode signing certificate subject DN missing attributes
  • PE187: Authenticode signing certificate subject DN invalid attributes

0.1.0-alpha

Windows build only