ralphje / signify

Related projects ⓘ

Alternatives and complementary repositories for signify

• goretk / pygore
  pyGoRE - Python library for analyzing Go binaries
  ☆64Updated 2 years ago
• trailofbits / uthenticode
  A cross-platform library for verifying Authenticode signatures
  ☆139Updated last week
• Velocidex / oleparse
  Golang parser for OLE files
  ☆31Updated 4 months ago
• stoerchl / yara_zip_module
  ☆13Updated 2 years ago
• Velocidex / go-pe
  A Portable Executable parser for Golang
  ☆47Updated last year
• ohjeongwook / windows_sdk_data
  Windows API listing in JSON format - generated from SDK headers + SDK API documentation
  ☆66Updated 4 years ago
• williballenthin / python-dotnet-binaryformat
  Pure Python parser for data encoded by .NET's BinaryFormatter
  ☆48Updated 6 years ago
• tyranid / DumpReparsePoints
  This is a simple tool to dump all the reparse points on an NTFS volume.
  ☆31Updated 4 years ago
• airbus-cert / etwbreaker
  An IDA plugin to deal with Event Tracing for Windows (ETW)
  ☆50Updated 2 years ago
• avast / yarang
  Alternative YARA scanning engine
  ☆67Updated 2 years ago
• SouhailHammou / Drivers
  Windows Drivers
  ☆95Updated 5 years ago
• avast / yls
  YARA Language Server
  ☆68Updated this week
• immortalp0ny / yarg
  Yet another rule generator for Yara
  ☆25Updated 4 years ago
• hillu / yara-rules-re
  Tools for inspecting YARA bytecode
  ☆16Updated 4 years ago
• xpn / RpcEnum
  An command-line RPC method enumerator, born out of RPCView's awesomeness
  ☆98Updated 5 years ago
• angelkillah / zer0m0n
  zer0m0n driver for cuckoo sandbox
  ☆87Updated 8 years ago
• kobykahane / NpEtw
  Named pipe I/O ETW provider for Windows
  ☆66Updated 4 years ago
• zodiacon / ALPCLogger
  Log ALPC activity
  ☆80Updated last year
• libyal / winevt-kb
  Windows Event Log Knowledge Base
  ☆18Updated 3 weeks ago
• DissectMalware / xlrd2
  xlrd2 is a variant of xlrd that is actively maintained
  ☆23Updated 3 months ago
• intel471 / coderex
  A tool that automates regex generation for the x86 and x86-64 instruction sets
  ☆62Updated 6 months ago
• ctxis / capemon
  CAPE monitor DLLs
  ☆38Updated 4 years ago
• c3rb3ru5d3d53c / karton-unpacker
  A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework.
  ☆51Updated 3 years ago
• SekoiaLab / BinaryInjectionMitigation
  Two tools used during our analysis of the Microsoft binary injection mitigation implemented in Edge TH2.
  ☆53Updated 7 years ago
• kevoreilly / capemon
  capemon: CAPE's monitor
  ☆100Updated 2 weeks ago
• google / vxsig
  Automatically generate AV byte signatures from sets of similar binaries.
  ☆259Updated 8 months ago
• DownWithUp / CallMon
  CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
  ☆129Updated 4 years ago
• conix-security / machoke
  ☆51Updated 6 years ago
• benoitsevens / applying-ttd-to-malware-analysis
  Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019
  ☆39Updated 5 years ago
• zodiacon / JobExplorer
  Explore Job Objects on a Windows system
  ☆80Updated 5 years ago