ralphje / signify
Module to generate and verify PE signatures
☆49 · Updated 3 months ago
Alternatives and similar repositories for signify:
Users that are interested in signify are comparing it to the libraries listed below
- pyGoRE - Python library for analyzing Go binaries ☆64 · Updated 3 years ago
- A cross-platform library for verifying Authenticode signatures ☆147 · Updated last month
- anti-ransomware file-system filter ☆57 · Updated 6 months ago
- Trace events in real time sessions ☆45 · Updated last year
- capemon: CAPE's monitor ☆110 · Updated last week
- An IDA plugin to deal with Event Tracing for Windows (ETW) ☆52 · Updated 2 years ago
- A set of small utilities, helpers for PIN tracers ☆31 · Updated last year
- Utilities for working with vivisect ☆25 · Updated 3 weeks ago
- Parse .NET executable files. ☆76 · Updated 2 months ago
- Library and tools to access the Windows Prefetch File (SCCA) format. ☆73 · Updated 3 months ago
- A collection of empty MSVC projects, compiled using various versions and configurations of Visual Studio. ☆32 · Updated 9 months ago
- ☆16 · Updated last year
- CmdDesktopSwitch is a small utility that lists all Windows desktops and provides the option to switch between them. This can be used to i… ☆34 · Updated 8 years ago
- Pure Python parser for data encoded by .NET's BinaryFormatter ☆50 · Updated 6 years ago
- extract and parse WEVT_TEMPLATEs from PE files ☆18 · Updated last year
- A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework. ☆55 · Updated 3 years ago
- Named pipe I/O ETW provider for Windows ☆70 · Updated 4 years ago
- GetHooks is a program designed for the passive detection and monitoring of hooks from a limited user account. ☆61 · Updated 3 years ago
- File system minifilter driver for Windows to block symbolic link attacks. ☆51 · Updated 4 years ago
- Enumerate Windows Defender threat families and dump their names according to category ☆90 · Updated 5 years ago
- Yet another rule generator for Yara ☆28 · Updated 4 years ago
- Authenticode-parser is a simple C library for Authenticode format parsing using OpenSSL. ☆17 · Updated last year
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax; ☆73 · Updated 5 years ago
- IDAPython scripts ☆15 · Updated 7 years ago
- Python implementation of LZNT1 compression/decompression ☆64 · Updated 5 years ago
- IDA plugin to explore and browse tags ☆54 · Updated 5 years ago
- YARA Language Server ☆69 · Updated this week
- Parsing of YARA rules into AST and building new rulesets in C++. ☆123 · Updated last week
- Log ALPC activity ☆82 · Updated last year
- A tool that automates regex generation for the x86 and x86-64 instruction sets ☆70 · Updated 11 months ago