avast / authenticode-parserLinks
Authenticode-parser is a simple C library for Authenticode format parsing using OpenSSL.
☆18Updated last year
Alternatives and similar repositories for authenticode-parser
Users that are interested in authenticode-parser are comparing it to the libraries listed below
Sorting:
- ☆18Updated 4 years ago
- File system minifilter driver for Windows to block symbolic link attacks.☆51Updated 4 years ago
- Blog posts☆30Updated 4 years ago
- ☆22Updated 4 years ago
- Data and structures regarding the research done on WdFilter☆12Updated 5 years ago
- A ready-made template for a project based on libpeconv.☆48Updated 4 months ago
- Helper Script to convert a Windbg dumped structure (using the 'dt' command) into a C structure. It creates dummy structs for you if neede…☆26Updated last year
- Support Windows OS Reversing by searching easily for references to functions across many DLLs☆34Updated 3 years ago
- A set of small utilities, helpers for PIN tracers☆33Updated last year
- Dumps information about all the callback objects found in a dump file and the functions registered for them☆36Updated 4 years ago
- Python 3 - Manipulation and conversation with different data type (Bytes operations)☆26Updated 3 years ago
- A driver to intercept low level windows events☆62Updated 5 years ago
- A demo implementation of a well-known technique used by some malware to evade userland hooking, using my library: libpeconv.☆19Updated 7 years ago
- PoC for detecting and dumping process hollowing code injection☆51Updated 6 years ago
- A POC for Windows Extension Host hooking☆22Updated 5 years ago
- NDC Oslo 2019 slides and demos☆32Updated 4 years ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆58Updated 9 years ago
- ☆34Updated 7 years ago
- Bypass for the hardening against usage of tagWnd as a kernel read/write primitive☆29Updated 8 years ago
- An IDA plugin to deal with Event Tracing for Windows (ETW)☆55Updated 2 years ago
- A Practical example of ELAM (Early Launch Anti-Malware)☆34Updated 3 years ago
- IDAPython scripts☆15Updated 7 years ago
- Trace events in real time sessions☆45Updated last year
- A collection of empty MSVC projects, compiled using various versions and configurations of Visual Studio.☆32Updated last year
- allowing um r/w through km from um ioctl ™☆11Updated 3 years ago
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling☆33Updated 5 years ago
- A tool to help malware analysts tell that the sample is injecting code into other process.☆78Updated 9 years ago
- ☆25Updated 2 years ago
- Various WinDbg extensions and scripts☆31Updated 6 years ago
- PoC for detecting and dumping code injection (built and extended on UnRunPE)☆56Updated 6 years ago