ralphje / signify
Module to generate and verify PE signatures
☆42 Updated 3 weeks ago
Related projects
Alternatives and complementary repositories for signify
- pyGoRE - Python library for analyzing Go binaries ☆64 Updated 2 years ago
- A cross-platform library for verifying Authenticode signatures ☆139 Updated last week
- Golang parser for OLE files ☆31 Updated 4 months ago
- ☆13 Updated 2 years ago
- A Portable Executable parser for Golang ☆47 Updated last year
- Windows API listing in JSON format - generated from SDK headers + SDK API documentation ☆66 Updated 4 years ago
- Pure Python parser for data encoded by .NET's BinaryFormatter ☆48 Updated 6 years ago
- This is a simple tool to dump all the reparse points on an NTFS volume. ☆31 Updated 4 years ago
- An IDA plugin to deal with Event Tracing for Windows (ETW) ☆50 Updated 2 years ago
- Alternative YARA scanning engine ☆67 Updated 2 years ago
- Windows Drivers ☆95 Updated 5 years ago
- YARA Language Server ☆68 Updated this week
- Yet another rule generator for Yara ☆25 Updated 4 years ago
- Tools for inspecting YARA bytecode ☆16 Updated 4 years ago
- A command-line RPC method enumerator, born out of RPCView's awesomeness ☆98 Updated 5 years ago
- zer0m0n driver for cuckoo sandbox ☆87 Updated 8 years ago
- Named pipe I/O ETW provider for Windows ☆66 Updated 4 years ago
- Log ALPC activity ☆80 Updated last year
- Windows Event Log Knowledge Base ☆18 Updated 3 weeks ago
- xlrd2 is a variant of xlrd that is actively maintained ☆23 Updated 3 months ago
- A tool that automates regex generation for the x86 and x86-64 instruction sets ☆62 Updated 6 months ago
- CAPE monitor DLLs ☆38 Updated 4 years ago
- A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework. ☆51 Updated 3 years ago
- Two tools used during our analysis of the Microsoft binary injection mitigation implemented in Edge TH2. ☆53 Updated 7 years ago
- capemon: CAPE's monitor ☆100 Updated 2 weeks ago
- Automatically generate AV byte signatures from sets of similar binaries. ☆259 Updated 8 months ago
- CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers ☆129 Updated 4 years ago
- ☆51 Updated 6 years ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019 ☆39 Updated 5 years ago
- Explore Job Objects on a Windows system ☆80 Updated 5 years ago