Toolbox for VulnDetect
-
@Tom I can not find this file on my VM, so what package do I need to get the file?
-
@olli_s As far as I can tell it is part of LastPass, it seems like most, but perhaps not all, users of LastPass has it.
I can give you the file, but I don't think it is super important, since that file isn't useful, it was just to quickly test a bunch of useful files and less useful files. -
Is GetAppDetails ony for 64bit Windows?
-
At the moment yes, but you are right: I also should compile a 32-bit version.
Do you want to test the current un-released version with many more features? -
@Anselm I added some more build modes in my programming IDE and now I am able to build a 32-Bit and a 64-Bit version of the app.
Do you want to test the current un-released version with many more features? -
Today I released Version 3.0 of the Toolbox for VulnDetect with many new features!.
Please note that the app was renamed from GetAppDetails for VulnDetect to Toolbox for VulnDetect.
If you want to see what has changed, please see the Tab "About" in the Toolbox. -
Hi Olli,
Thanks a lot for this toolbox.
Can you please add the way to report icons? In the toolbox or a link.
Thanks and regards.
-
@GregAlexandre said in Toolbox for VulnDetect:
Can you please add the way to report icons? In the toolbox or a link.
Can you please specify what exactly you need?
A way to extract the icon from an exe file? -
@OLLI_S
Yes, a way to extract the icon from an exe file. Even if you redirect to another tool.
Regards. -
@GregAlexandre said in Toolbox for VulnDetect:
Yes, a way to extract the icon from an exe file. Even if you redirect to another tool.
I already posted this topic many months ago:
https://vulndetect.org/topic/155/please-read-before-posting-new-detection-issuesDoes this help you?
-
@OLLI_S Yes, this helps.
I now remember why I did not download these tools: their last version is very old! So one can think that these projects have no more support. This does not sound good for security.
Regards. -
Personally I would suggest to use IcoFX.
-
@OLLI_S The more recent, that is what I did. I am sending Tom required icons
Thanks a lot for you help! -
@OLLI_S Free IcoFx is vulnerable. Any suggestion in order to be able to help Tom with icons ?
-
@GregAlexandre
VulnDetect detects both NirSoft IconsExtract and IcoFX.
Remember, it is only the older (portable) versions of IcoFX that are vulnerable, if you install the latest, then there is no issues.
If you find another tool, then let me know and we will add detection for that. -
@Tom I removed free and portable IcoFx as it is vulnerable.
Next time I will use NirSoft IconsExtract even if I do not like using unsupported / inactive oldies project as no one but hackers know their security status.
Regards. -
@GregAlexandre :
To extract icons I now use Quick Any2Ico : https://www.carifred.com/quick_any2ico/
Regards. -
@OLLI_S : It seems that you did not updated the site with your latest toolbox?
Still in beta?
Will you sign your .exe ? -
@GregAlexandre said in Toolbox for VulnDetect:
@OLLI_S : It seems that you did not updated the site with your latest toolbox?
Still in beta?
Will you sign your .exe ?It is still in Beta because I need to implement some features (smaller changes).
And I am waiting for a new version of Quick Any2Ico that detects the original size of the icon in the EXE file (contacted the developer but no reply yet).
I have no idea what is needed to sign an application (stopped programming 10 years ago and started it again for the Toolbox).
-
@OLLI_S ; May I suggest that you release your version even if not perfect.
Agile way of life.
You have to get a valid pair of key to sign code*. Then you use the private key to sign your code. The way you do it is depending of you compiler. I know to do it for macros. And more than 10 years ago I knew how to do it with Visual Studio (was it Studio ?). Quite sure you will find this very quickly in help of your compiler.- you can get needed keys at Cacert if you are assured by some assurers. Only recognize if you trust Cacert root but free and better than nothing.
