Once a PowerShell script carries a digital signature, you can easily find out who signed the script, and more importantly, whether the script is still untampered. In the previous parts of this series, you learned how to create digital certificates, and how to apply new code-signing signatures to PowerShell files. Now let’s see how you can validate scripts.
# this is the path to the scripts you'd like to examine $Path = "$home\Documents" Get-ChildItem -Path $Path -Filter *.ps1 -Recurse | Get-AuthenticodeSignature
Simply adjust the path. The script finds all PowerShell scripts located in that path, then checks their signature. The result typically is one of these:
NotSigned: has no signature UnknownError: was signed by a non-trusted certificate HashMismatch: has changed since the signature was applied Valid: was signed by a trusted entity, and hasn’t changed since
