Alternatives and similar repositories for signify

Users that are interested in signify are comparing it to the libraries listed below

• intel471 / coderex
  A tool that automates regex generation for the x86 and x86-64 instruction sets
  ☆72Updated last year
• d35ha / xLogger
  Simple windows API logger
  ☆108Updated 5 years ago
• elastic / die-python
  Native Python3 bindings for @horsicq's Detect-It-Easy
  ☆73Updated 3 months ago
• malwarefrank / dnfile
  Parse .NET executable files.
  ☆77Updated this week
• 0mWindyBug / RansomGuard
  anti-ransomware file-system filter
  ☆61Updated 11 months ago
• dr-anoroc / rawccopy
  Command line utility for copying files on NTFS using low level disk access
  ☆36Updated last year
• hasherezade / pe_unmapper
  Small tool to convert beteween the PE alignments (raw and virtual).
  ☆94Updated 2 years ago
• libyal / winevt-kb
  Windows Event Log Knowledge Base
  ☆26Updated 10 months ago
• WithSecureLabs / GarbageMan
  GarbageMan is a set of tools for analyzing .NET binaries through heap analysis.
  ☆116Updated 2 years ago
• VergiliusProject / kernels-data
  Windows kernel PDB data parsed into YAML
  ☆38Updated 9 months ago
• enkomio / thematrix
  a PE Loader and Windows API tracer. Useful in malware analysis.
  ☆143Updated 2 years ago
• RichHeaderResearch / RichPE
  Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks
  ☆67Updated 4 years ago
• DownWithUp / CallMon
  CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
  ☆146Updated 4 years ago
• trailofbits / WinDbg-JS
  ☆25Updated last year
• kevoreilly / capemon
  capemon: CAPE's monitor
  ☆125Updated this week
• keowu / InstrumentationCallbackToolKit
  A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using Instrumentation…
  ☆32Updated last year
• pathtofile / PPLRunner
  Run Processes as PPL with ELAM
  ☆167Updated 3 years ago
• hasherezade / mal_unpack_drv
  MalUnpack companion driver
  ☆98Updated last year
• hasherezade / pe2pic
  Small visualizator for PE files
  ☆69Updated last year
• sgabe / SymlinkProtect
  File system minifilter driver for Windows to block symbolic link attacks.
  ☆52Updated 4 years ago
• FuzzySecurity / BulkBindex
  Winbindex bot to pull in binaries for specific releases
  ☆48Updated last year
• 7eRoM / elam
  A Practical example of ELAM (Early Launch Anti-Malware)
  ☆35Updated 3 years ago
• hfiref0x / Misc
  Miscellaneous Code and Docs
  ☆82Updated last month
• avast / authenticode-parser
  Authenticode-parser is a simple C library for Authenticode format parsing using OpenSSL.
  ☆18Updated last year
• nccgroup / mimikatz-detector-condrv
  The Console Monitor Driver is a KMDF kernel-mode filter driver that captures certain Fast I/O operations (input and output) that is sent …
  ☆40Updated 2 years ago
• m417z / minhook-detours
  A hooking library with a MinHook-like API and a Detours-like implementation, with support for the x86, x64, and ARM64 platforms
  ☆27Updated 3 weeks ago
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆47Updated 6 months ago
• repnz / windows-imports-searcher
  Support Windows OS Reversing by searching easily for references to functions across many DLLs
  ☆34Updated 3 years ago
• diversenok / Suspending-Techniques
  Comparing, discussing, and bypassing various techniques for suspending and freezing processes on Windows.
  ☆127Updated 3 years ago
• wbenny / EtwConsumerNT
  Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
  ☆145Updated 6 years ago