ralphje / signify
Module to generate and verify PE signatures
☆50Updated 2 weeks ago
Alternatives and similar repositories for signify:
Users that are interested in signify are comparing it to the libraries listed below
- Library and tools to access the Windows Prefetch File (SCCA) format.☆73Updated 3 months ago
- A cross-platform library for verifying Authenticode signatures☆148Updated 2 months ago
- An IDA plugin to deal with Event Tracing for Windows (ETW)☆53Updated 2 years ago
- Trace events in real time sessions☆45Updated last year
- Pure Python parser for data encoded by .NET's BinaryFormatter☆50Updated 6 years ago
- capemon: CAPE's monitor☆116Updated this week
- Authenticode-parser is a simple C library for Authenticode format parsing using OpenSSL.☆17Updated last year
- GetHooks is a program designed for the passive detection and monitoring of hooks from a limited user account.☆61Updated 3 years ago
- CAPE monitor DLLs☆39Updated 5 years ago
- Windows Event Log Knowledge Base☆23Updated 6 months ago
- ☆16Updated last year
- A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework.☆56Updated 3 years ago
- A tool that automates regex generation for the x86 and x86-64 instruction sets☆70Updated last year
- zer0m0n driver for cuckoo sandbox☆87Updated 8 years ago
- Golang parser for OLE files☆31Updated last month
- Memory Loader Open Source Project by Sentinel-Labs.☆24Updated 4 years ago
- Named pipe I/O ETW provider for Windows☆70Updated 4 years ago
- A simple API monitor for Windbg☆63Updated 8 years ago
- Yet another rule generator for Yara☆28Updated 4 years ago
- pyGoRE - Python library for analyzing Go binaries☆64Updated 3 years ago
- Alternative YARA scanning engine☆70Updated 2 years ago
- ☆22Updated 4 years ago
- A ready-made template for a project based on libpeconv.☆47Updated 2 months ago
- Utilities for working with vivisect☆25Updated last month
- ☆10Updated 4 years ago
- ssdeep cluster analysis for malware files☆30Updated 4 years ago
- Native Python3 bindings for @horsicq's Detect-It-Easy☆64Updated last month
- A collection of empty MSVC projects, compiled using various versions and configurations of Visual Studio.☆32Updated 10 months ago
- Parse .NET executable files.☆76Updated 2 months ago
- View handles and object for each object type☆63Updated 5 years ago