reverseame / sigcheckLinks
Volatility plugin to validate Authenticode-signed processes, either with embedded signature or catalog-signed
☆20Updated 2 years ago
Alternatives and similar repositories for sigcheck
Users that are interested in sigcheck are comparing it to the libraries listed below
Sorting:
- Plugin for x64dbg to generate Yara rules from function basic blocks.☆36Updated 7 years ago
- IDARay is an IDA Pro plugin that matches the database against multiple YARA files which themselves may contain multiple rules.☆18Updated 6 years ago
- penter hook example and driver time recorder☆31Updated 7 years ago
- Helper utility for debugging windows PE/PE+ loader.☆52Updated 10 years ago
- Use WinDBG to trace the Windows API calls of any Portable Executable file☆31Updated 8 years ago
- Robust API monitoring system presented in the paper "Designing Robust API Monitoring Solutions" (IEEE TDSC)☆24Updated 3 years ago
- idenLib (Library Function Identification) plugin for x32dbg☆42Updated 6 years ago
- A collection of empty MSVC projects, compiled using various versions and configurations of Visual Studio.☆32Updated last year
- Authenticode-parser is a simple C library for Authenticode format parsing using OpenSSL.☆18Updated last year
- function identification signatures☆12Updated 4 years ago
- [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;☆74Updated 6 years ago
- Patch exporter for x64dbg☆31Updated 7 years ago
- libemu shim layer and win32 environment for Unicorn Engine☆72Updated 8 years ago
- Adding exceptions to Microsoft's Control Flow Guard (CFG)☆58Updated 9 years ago
- Driver and WinDBG scripts to dump information about all resources and lookaside lists☆68Updated 5 years ago
- OpenHIPS prevents exploitation of Windows systems☆35Updated 12 years ago
- An IDA plugin to deal with Event Tracing for Windows (ETW)☆55Updated 3 years ago
- ☆18Updated 7 years ago
- Malware Analysis, Anti-Analysis, and Anti-Anti-Analysis☆45Updated 7 years ago
- My commands and scripts extending WinDbg☆36Updated 3 months ago
- IDAPython scripts☆15Updated 7 years ago
- Resources for the workshop titled "Repacking the unpacker: Applying Time Travel Debugging to malware analysis", given at HackLu 2019☆42Updated 5 years ago
- An API Monitor based on Instrumentation☆43Updated 7 years ago
- Named pipe I/O ETW provider for Windows☆70Updated 4 years ago
- The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers☆34Updated 8 years ago
- A command line tool to load and unload a device driver.☆47Updated 8 years ago
- ☆11Updated 10 years ago
- This x64dbg plugin adds several commands for dumping PE header information by address.☆63Updated 8 years ago
- ☆34Updated 4 years ago
- A python script that can be used to scan data within in an IDB using Yara.☆23Updated 6 years ago