Page 1 of 1
Including column for "Digital Signatures" file properties
Posted: Thu Oct 19, 2023 6:31 pm
by Coldblackice
Would it be possible to add the option to include a new column for "Digital Signatures" (as a file property)?
For example:
- win-dll.png (13.12 KiB) Viewed 7727 times
This would be very useful being able to include as a property/column in an Everything search, as it'd quickly allow visually discerning amongst files which are digitally signed or not, even if it merely reports who the signer is, e.g. "Microsoft Corporation".
Re: Including column for "Digital Signatures" file properties
Posted: Thu Oct 19, 2023 9:53 pm
by void
I have put this on my TODO list.
Thank you for the suggestion.
Re: Including column for "Digital Signatures" file properties
Posted: Thu Nov 02, 2023 5:07 am
by void
Everything 1.5.0.1359a adds the following properties:
Digital Signature Name
Digital Signature Timestamp
These properties can be used to search and display digital signature information.
For example, Authenticode code signing information on executables.
To search for files with a digital signature, include the following in your search:
digital-signature-name:<name>
For example:
*.exe digital-signature-name:voidtools
*.exe digital-signature-name:"Microsoft Corporation"
To search for exe files without a digital signature, include the following in your search:
*.exe !digital-signature-name:
To show the digital signature name column:
- In Everything 1.5, right click the result list column header and click Add columns.
- Search for: digital
- Select Digital Signature Name and click OK.
digital-signature-name:
digital-signature-timestamp:
Re: Including column for "Digital Signatures" file properties
Posted: Wed Nov 08, 2023 4:10 am
by Coldblackice
This is AWESOME! Wow, thanks a bunch for adding these! I can't tell you how helpful and convenient these are, being able to quickly discern with a glance which files are digitally signed or not in any given folder. Especially being able to see both the signature name and timestamps.
Not only that, but this is also useful as a malware-fighting measure, as malware/malware-infected files are almost never digitally signed. And if a digitally signed file gets infected/modified in any way, it obviously loses that signature. So this can be a useful tool in quickly seeing what files are digitally signed or not.
(Disclaimer: obviously this detection method isn't the end-all/be-all of malware prevention and shouldn't be relied upon as one's sole measure of protection)