SecureBoot Inspector

Portable Windows 11 application for checking Secure Boot state and reading Secure Boot signature databases from UEFI variables.

Copyright by Dr. René Bäder (PhDs)

License: GNU General Public License v3.0 or later.

Features

Checks firmware type and Secure Boot state.
Reads SecureBoot, SetupMode, AuditMode, and DeployedMode.
Reads and parses Secure Boot databases PK, KEK, db, and dbx.
Displays X.509 certificate subject, issuer, expiry date, and thumbprint.
Displays SHA-256 signature entries.
Can copy or save a text report.

Build

dotnet publish -c Release -r win-x64 --self-contained true /p:PublishSingleFile=false /p:PublishReadyToRun=false -o bin\Release\SecureBootInspector-portable

The portable application folder is created in:

bin\Release\SecureBootInspector-portable

Notes

Start SecureBootInspector.exe with "Run as administrator" because reading UEFI variables normally requires SeSystemEnvironmentPrivilege.

The app is published as a portable folder instead of a single-file EXE because the single-file Windows apphost can fail on some systems with loader error 0xc0000142.

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
Assets		Assets
release		release
.gitignore		.gitignore
Form1.Designer.cs		Form1.Designer.cs
Form1.cs		Form1.cs
LICENSE.txt		LICENSE.txt
Program.cs		Program.cs
README.md		README.md
SecureBootInspector.csproj		SecureBootInspector.csproj
app.manifest		app.manifest

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

SecureBoot Inspector

Features

Build

Notes

About

Uh oh!

Releases 1

Packages

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

SecureBoot Inspector

Features

Build

Notes

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases 1

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Packages