Alternatives and similar repositories for signify

Users that are interested in signify are comparing it to the libraries listed below

• malwarefrank / dnfile
  Parse .NET executable files.
  ☆76Updated last week
• intel471 / coderex
  A tool that automates regex generation for the x86 and x86-64 instruction sets
  ☆73Updated last year
• trailofbits / uthenticode
  A cross-platform library for verifying Authenticode signatures
  ☆153Updated 4 months ago
• hasherezade / pe_utils
  A set of small utilities, helpers for PIN tracers
  ☆32Updated last year
• DownWithUp / CallMon
  CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
  ☆145Updated 4 years ago
• libyal / winevt-kb
  Windows Event Log Knowledge Base
  ☆26Updated 9 months ago
• RichHeaderResearch / RichPE
  Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks
  ☆65Updated 3 years ago
• libyal / libscca
  Library and tools to access the Windows Prefetch File (SCCA) format.
  ☆76Updated 6 months ago
• avast / authenticode-parser
  Authenticode-parser is a simple C library for Authenticode format parsing using OpenSSL.
  ☆18Updated last year
• hasherezade / libpeconv_tpl
  A ready-made template for a project based on libpeconv.
  ☆49Updated 4 months ago
• you0708 / lznt1
  Python implementation of LZNT1 compression/decompression
  ☆65Updated 5 years ago
• elastic / die-python
  Native Python3 bindings for @horsicq's Detect-It-Easy
  ☆71Updated 2 months ago
• danielplohmann / empty_msvc
  A collection of empty MSVC projects, compiled using various versions and configurations of Visual Studio.
  ☆32Updated last year
• kevoreilly / capemon
  capemon: CAPE's monitor
  ☆124Updated 3 weeks ago
• dr-anoroc / rawccopy
  Command line utility for copying files on NTFS using low level disk access
  ☆36Updated last year
• lowleveldesign / comon
  A WinDbg extension to trace COM interactions
  ☆115Updated last year
• sgabe / SymlinkProtect
  File system minifilter driver for Windows to block symbolic link attacks.
  ☆51Updated 4 years ago
• kobykahane / NpEtw
  Named pipe I/O ETW provider for Windows
  ☆70Updated 4 years ago
• airbus-cert / etwbreaker
  An IDA plugin to deal with Event Tracing for Windows (ETW)
  ☆55Updated 3 years ago
• nccgroup / WindowsJobLock
  Windows Process Lockdown Tool using Job Objects
  ☆69Updated 11 years ago
• jay / gethooks
  GetHooks is a program designed for the passive detection and monitoring of hooks from a limited user account.
  ☆61Updated 3 years ago
• Biswa96 / TraceEvent
  Trace events in real time sessions
  ☆45Updated last year
• williballenthin / wevt_template
  extract and parse WEVT_TEMPLATEs from PE files
  ☆18Updated last year
• mrexodia / YaraGen
  Plugin for x64dbg to generate Yara rules from function basic blocks.
  ☆36Updated 7 years ago
• airbus-cert / yara-ttd
  Use YARA rules on Time Travel Debugging traces
  ☆92Updated 2 years ago
• SentineLabs / Memloader
  Memory Loader Open Source Project by Sentinel-Labs.
  ☆24Updated 4 years ago
• 0mWindyBug / RansomGuard
  anti-ransomware file-system filter
  ☆59Updated 10 months ago
• zodiacon / syllabi
  ☆62Updated last year
• d35ha / xLogger
  Simple windows API logger
  ☆108Updated 5 years ago
• hasherezade / pe2pic
  Small visualizator for PE files
  ☆69Updated last year