Volatility plugin to validate Authenticode-signed processes, either with embedded signature or catalog-signed
☆20 · Jun 13, 2023 · Updated 2 years ago
Alternatives and similar repositories for sigcheck
Users that are interested in sigcheck are comparing it to the libraries listed below
- Tools for signing Windows files ☆15 · Updated this week
- idax: IDASDK extension libraries ☆22 · Oct 12, 2025 · Updated 4 months ago
- extract and parse WEVT_TEMPLATEs from PE files ☆18 · Dec 30, 2023 · Updated 2 years ago
- Automatically exported from code.google.com/p/reverse-engineering-scripts ☆18 · Apr 13, 2015 · Updated 10 years ago
- Golang port of pefile ☆25 · Jul 17, 2017 · Updated 8 years ago
- Pure Rust fuzzy hash implementation ☆22 · Mar 13, 2023 · Updated 2 years ago
- Simple tool to use LsaManageSidNameMapping to get LSA to add or remove SID to name mappings. ☆25 · Oct 25, 2020 · Updated 5 years ago
- Simple, secure Authenticode and GPG code signing server ☆23 · Dec 9, 2022 · Updated 3 years ago
- Manage Your Large Team of Consultants ☆11 · Sep 18, 2025 · Updated 5 months ago
- Containerized IDA Pro (Windows/Wine), DEPRECATED, please use https://github.com/NyaMisty/docker-wine-ida ☆26 · Nov 23, 2017 · Updated 8 years ago
- Sandboxie Python Client ☆24 · Jun 29, 2012 · Updated 13 years ago
- Event metadata collected across all manifest-based ETW providers on Windows 10 1903 ☆31 · Nov 25, 2019 · Updated 6 years ago
- penter hook example and driver time recorder ☆31 · Oct 2, 2017 · Updated 8 years ago
- Serverless, real-time, ClamAV+Yara scanning for your S3 Buckets ☆33 · Jan 14, 2026 · Updated last month
- Capture BAT is a behavioral analysis tool of applications for the Win32 operating system family. ☆32 · Jun 28, 2013 · Updated 12 years ago
- Parses the WMI object database....looking for persistence ☆34 · Dec 12, 2019 · Updated 6 years ago
- File integrity monitor with malware detection using machine learning ☆14 · May 23, 2024 · Updated last year
- Golang port of PEFile ☆32 · Jul 23, 2020 · Updated 5 years ago
- The project is a demo solution for one of the anti-rootkit techniques aimed at overcoming splicers ☆34 · Mar 13, 2017 · Updated 8 years ago
- ☆30 · Nov 8, 2017 · Updated 8 years ago
- PKCS#11 Private Key Extractor ☆11 · May 7, 2017 · Updated 8 years ago
- The Code implements the following: => Storing a file => Retrieving a file. Key Technologies used are PHP, HTML 5 ☆12 · Feb 5, 2023 · Updated 3 years ago
- A clone of FD (File & Directory tool) by T.Shirai ☆16 · Jan 29, 2014 · Updated 12 years ago
- ☆12 · Dec 14, 2016 · Updated 9 years ago
- Minimal C port of UTF8-CPP ☆12 · Jun 2, 2019 · Updated 6 years ago
- Primarily aimed at replicating files that cannot be directly copied due to being in use. ☆11 · Apr 22, 2024 · Updated last year
- Envoy Wasm filter for traffic tracing used in APIClarity. ☆13 · Jun 19, 2024 · Updated last year
- RemDisk is a software capable of creating and mounting RAM-based or file-based, plain or encrypted, virtual disks ☆45 · Aug 20, 2019 · Updated 6 years ago
- Export MISP attributes in Yara ☆12 · Sep 15, 2017 · Updated 8 years ago
- File & Folders protecting tool in Windows OS using password functionalities with hiding features. ☆12 · Jan 30, 2022 · Updated 4 years ago
- Demonstrate the behavior of the tunnel cache on Windows ☆11 · Aug 13, 2019 · Updated 6 years ago
- PowerShell scripts to aid investigators when utilizing O365 and Magnet Axiom. ☆12 · Aug 26, 2024 · Updated last year
- A bunch of library code that can easily be included in new/prototype projects with few (usually zero) dependencies, even on themselves. ☆12 · Jul 26, 2020 · Updated 5 years ago
- Slides and Workshop Instructions for a BPF Introduction @Sqreen ☆12 · Sep 10, 2019 · Updated 6 years ago
- Implementation of Max Kellermann's exploit for CVE-2022-0847 ☆12 · Mar 8, 2022 · Updated 3 years ago
- Simple Python project using the COM (DDE) API under win32 to convert nsf documents databases to other formats, mainly targeting mbox & i… ☆10 · Apr 15, 2017 · Updated 8 years ago
- Writeups of some of PicoCTF 2017 challenges. ☆10 · Aug 3, 2018 · Updated 7 years ago
- A starter FastAPI application that is configured to be deployed to AWS via the Docker ECS plugin ☆10 · Sep 2, 2020 · Updated 5 years ago
- emoji for golang ☆10 · Aug 7, 2014 · Updated 11 years ago