Limelighter is a tool which creates a spoof code signing certificates and sign binaries and DLL files to help evade EDR products and avoid MSS and sock scruitney. LimeLighter can also use valid code signing certificates to sign files. Limelighter can use a fully qualified domain name such as acme.com.
LimeLighter was developed in golang.
Make sure that the following are installed on your OS
openssl
osslsigncode
The first step as always is to clone the repo. Before you compile LimeLighter you’ll need to install the dependencies. To install them, run following commands
go get github.com/fatih/color
Then build it
go build Limelighter.go
Usage
./LimeLighter -h
._ ._ . ._ ._ _ | | || | | || _ | |/ |_ _
| | | |/ _/ _ | | | |/ | | \ \/ _ _ \
| || | Y Y \ /| || / // > Y \ | \ /| | \/ |_ __||| /__ > ____ /|| /| _ >| \/ \/ \/ \/ // \/ \/
@Tyl0us
[*] A Tool for Code Signing… Real and fake
Usage of ./LimeLighter:
-Domain string
Domain you want to create a fake code sign for
-I string
Unsiged file name to be signed
-O string
Signed file name
-Password string
Password for real certificate
-Real string
Path to a valid .pfx certificate file
-Verify string
Verifies a file’s code sign certificate
-debug
Print debug statements
To sign a file you can use the command option Domain to generate a fake code signing certificate
to sign a file with a valid code signing certificate use the Real and Password to sign a file with a valid code signing certificate.
To verify a signed file use the verify command.
General Working of a Web Application Firewall (WAF) A Web Application Firewall (WAF) acts as…
How to Send POST Requests Using curl in Linux If you work with APIs, servers,…
If you are a Linux user, you have probably seen commands like chmod 777 while…
Vim and Vi are among the most powerful text editors in the Linux world. They…
Working with compressed files is a common task for any Linux user. Whether you are…
In the digital era, an email address can reveal much more than just a contact…