extract code-signing information from a Mach-O binary with Apple’s codesign utility using the -dvv ags
Legitimate Apple platform binaries will contain an identi!er that is pre!xed with com.apple and be signed with a code-signing authority chain
Signed third-party applications should have a binary signed with an Apple Developer ID
codesign will simply display code object is not signed at all
Using the codesign utility with the -v command line ag, you can check the status of a binary’s code-signing certi!cate. If a certi!- cate has been revoked, the utility will display CSSMERR_TP_CERT_REVOKED