ralphje / signify
Module to generate and verify PE signatures
☆42 Updated last month
Related projects
Alternatives and complementary repositories for signify
- A cross-platform library for verifying Authenticode signatures ☆139 Updated 3 weeks ago
- pyGoRE - Python library for analyzing Go binaries ☆64 Updated 2 years ago
- Alternative YARA scanning engine ☆67 Updated 2 years ago
- capemon: CAPE's monitor ☆102 Updated last week
- Parsing of YARA rules into AST and building new rulesets in C++. ☆120 Updated 3 weeks ago
- Windows Event Log Knowledge Base ☆18 Updated last month
- Pure Python parser for data encoded by .NET's BinaryFormatter ☆49 Updated 6 years ago
- ☆13 Updated 2 years ago
- An IDA plugin to deal with Event Tracing for Windows (ETW) ☆50 Updated 2 years ago
- Library and tools to access the Windows Minidump (MDMP) format ☆38 Updated 4 months ago
- zer0m0n driver for cuckoo sandbox ☆87 Updated 8 years ago
- Trace events in real time sessions ☆43 Updated last year
- Golang parser for OLE files ☆31 Updated 5 months ago
- Tools for inspecting YARA bytecode ☆16 Updated 4 years ago
- Named pipe I/O ETW provider for Windows ☆67 Updated 4 years ago
- A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework. ☆51 Updated 3 years ago
- Log ALPC activity ☆80 Updated last year
- This is a simple tool to dump all the reparse points on an NTFS volume. ☆31 Updated 4 years ago
- YARA Language Server ☆68 Updated this week
- Repository of vulnerabilities disclosed by ESET ☆27 Updated 2 years ago
- Windows Drivers ☆95 Updated 5 years ago
- Metadata hash incorporating the Rich Header for robustness against packing and other malware tricks ☆62 Updated 3 years ago
- A cross-platform Python toolkit for parsing/writing PE files. ☆63 Updated 5 months ago
- ☆112 Updated 8 years ago
- Python module to extract Ascii, Utf8, and Unicode strings from binary data. Lightning fast wrapper around c++ compiled code. ☆52 Updated 7 months ago
- Use YARA rules on Time Travel Debugging traces ☆86 Updated last year
- Google Chrome internals analysis using Volatility ☆41 Updated 2 years ago
- A tool that automates regex generation for the x86 and x86-64 instruction sets ☆62 Updated 7 months ago
- Authenticode-parser is a simple C library for Authenticode format parsing using OpenSSL. ☆16 Updated 8 months ago
- A slightly stripped down version of RID (an exercise in learning python C-Types...some of it is a little rushed/sloppy) and a stripped do… ☆52 Updated 12 years ago