What are the two main methods for adding digital signatures to files in Windows?

The two main methods are Authenticode, which appends a digital signature directly to the end of a file (e.g., consent.exe), and catalog signing via CAT files, where the file’s hash is stored in a security catalog that is then signed. Authenticode signatures appear in file properties, while CAT signatures do not. For a detailed comparison, see the CAT File Digital Signature Usage Techniques article.