Skip to content

srozb/authenticode

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
.github/workflows
.github/workflows
 
 
src
src
 
 
tests
tests
 
 
README.md
README.md
 
 
authenticode.nimble
authenticode.nimble
 
 
config.nims
config.nims
 
 

Repository files navigation

Authenticode

run tests

PE Authenticode parser based on libyara implementation

Installation

nimble install authenticode

Usage

You'll probably want to parse PE file mapped into memory with parse_authenticode function, like this:

import authenticode
import authenticode/parser
import std/memfiles

initialize_authenticode_parser()

var data = memfiles.open("path/to/pefile.exe", mode = fmReadWrite, mappedSize = -1)
let auth = parse_authenticode(cast[ptr uint8](data.mem), data.size.uint)

Consult tests/testParsing.nim file for detailed usage.

About

Authenticode parser based on libyara

Topics

cryptography executable forensics authenticode digital-signature

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 2

v0.1.1 Latest
Oct 5, 2022
+ 1 release

Packages

No packages published

Languages