pfd

executablemacOS219.7 KBx86_64, arm64

Code signing utility — validates and manages application code signatures

Validates code signatures on macOS executables and frameworks, verifying cryptographic signatures against Apple's certificate authority and checking for tampering or revocation. Accesses the Keychain to retrieve and verify certificates used in code signing operations. Exposes an XPC service for system tools and applications to request signature validation. Communicates with network endpoints, likely for certificate revocation checking (OCSP) or timestamp validation during signature verification.AI

Fingerprint

Platform: macOS
Type: executable
Arch: x86_64, arm64
Min OS: 26.1.0
SDK: 26.1.0
File Size: 219.7 KB
UUID: 3CDF2255-CE7C-3062-B7B6-512626A10C61
Analyzed: 2026-04-09T09:59:33Z
CDHash: bf6f2f12f4fe55d7aa7c9a11335b1683b8cfb97f6e36f4204de8f06afa343bf0

Capabilities

SecurityKeychain, certificates, code signing

/System/Library/Frameworks/Security.framework/Versions/A/Security

Frameworks4

Security CoreFoundation PacketFilter libSystem.B.dylib

Interesting Strings

Bundle IDs(6)

com.apple.com.apple.%s/%s com.apple.pf com.apple.pf.allow com.apple.pf.rule

File Paths(3)

/System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation /System/Library/Frameworks/Security.framework/Versions/A/Security /System/Library/PrivateFrameworks/PacketFilter.framework/Versions/A/PacketFilter

URLs & Endpoints(4)

$http://crl.apple.com/codesigning.crl0 %http://www.apple.com/appleca/root.crl0 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">https://www.apple.com/appleca/0

Network Surface

Networking Frameworks

Endpoints(6)

Urlhttp://www.apple.com/appleca/root.crl0

Hostnamewww.apple.com

Urlhttp://crl.apple.com/codesigning.crl0

Hostnamecrl.apple.com

Urlhttps://www.apple.com/appleca/0

Urlhttp://www.apple.com/DTDs/PropertyList-1.0.dtd">

DNA Capability Vector

Location

0

Keychain

0

Network

0

Storage

0

Hardware

0

IPC

0

Analytics

0

Security

1

System

0

Behavioral Profile

URL Endpoints

4

Telemetry Strings

0

File Paths

3

Bundle IDs

6

IOKit Constants

0

Library Functions

0

Structural HashesSHA-256

Code1e2fb2b23d22ca4f034b6f23cd8fd3f1f3a7079be0e92ba3a96b4fbe361c1e13

Importsbcccb247d64d750ec6016fcceae4c58bfb5d2cb5082785a3212c785b36c4e2f4

Frameworks4d40e7ddd997879daa72085f83e76101087b5f75c956a3343a1cdaf2685aef96

Classese3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Entitlementse3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Symbolsbcccb247d64d750ec6016fcceae4c58bfb5d2cb5082785a3212c785b36c4e2f4

Static Libraries0 / 57 functions identified

Functions(57)

0x1000008a8sub_1000008a8

0x100000920sub_100000920

0x100000964sub_100000964

0x1000009a8sub_1000009a8

0x1000009ecsub_1000009ec

0x100000a64sub_100000a64

0x100000ae0sub_100000ae0

0x100000aecsub_100000aec

0x100000dd0sub_100000dd0

0x100000ea4sub_100000ea4

0x100000f00sub_100000f00

0x100000f50sub_100000f50

0x100001444sub_100001444

0x100001548sub_100001548

0x1000016ecsub_1000016ec

0x100001760sub_100001760

0x10000193csub_10000193c

0x100001a04sub_100001a04

0x100001a08sub_100001a08

0x100001a44sub_100001a44

Imports140 symbols from 3 dylibs

libSystem.B.dylib119 CoreFoundation16 Security5

Exports1

_mh_execute_header0x0

Similar Binaries1,470 comparable

DevToolsSecurity