Powershell - Manage file integrity with a catalogue file

To support me, you can subscribe to the channel, share and like the videos, disable your ad blocker or make a donation. Thank you!

Hello,

It is very easy to check file integrity in PowerShell using a catalogue file which works in the same way as driver catalogue files.

The catalogue contains a fingerprint (hash) of the files contained in the folder specified when the catalogue was created.

If a file has been altered/modified then the hash changes, the catalogue test will encounter a failure.

This is not mandatory but you can sign the catalogue.

# Catalogue
$CatalogueName = 'demo.cat'
$Path = 'c:\demo'
$CatalogueFile = New-FileCatalog -CatalogFilePath "$Path\$CatalogueName" -Path $Path -CatalogVersion 2

# Test the catalogue
Test-FileCatalog -Path $path -CatalogFilePath "$path\$CatalogueName"

# Display files and hashes
$result = Test-FileCatalog -Path $path -CatalogFilePath "$path\$CatalogueName"
$result
$result.PathItems

# Optional
# Creation of the signing certificate
New-SelfSignedCertificate -Subject "CN=Guillaume" -Type CodeSigningCert -HashAlgorithm sha256 -CertStoreLocation Cert:\LocalMachine\My

# Certificate to sign the catalogue
$Certificate = Get-ChildItem -Path Cert:\LocalMachine\My -CodeSigningCert

# Sign the catalogue
Set-AuthenticodeSignature -Certificate $Certificate -FilePath $CatalogueFile -TimestampServer http://timestamp.digicert.com

Powershell - Manage file integrity with a catalogue file

Related links

Powershell - Testing network connectivity and port accessibility

Powershell - Display network connections (equivalent to netstat)

Powershell - Testing name resolution (equivalent to nslookup)

Powershell - View and manage DNS configuration of network interfaces

Powershell - Managing IP configuration of network interfaces

Powershell - Managing the status and configuration of network interfaces

Follow me on

Support me

Last content

Tags