A cross-platform library for verifying Authenticode signatures
☆163 · Nov 24, 2025 · Updated 3 months ago
Alternatives and similar repositories for uthenticode
Users that are interested in uthenticode are comparing it to the libraries listed below
- Simple project that demonstrates how an ETW consumer can be created just by using NTDLL ☆146 · Feb 23, 2019 · Updated 7 years ago
- Checksec, but for Windows: static detection of security mitigations in executables ☆609 · Jan 13, 2025 · Updated last year
- Simple driver to register all available process, thread, image, Registry, and Object callbacks ☆124 · Oct 5, 2017 · Updated 8 years ago
- Various WinDbg extensions and scripts ☆33 · Sep 13, 2018 · Updated 7 years ago
- Principled, lightweight C/C++ PE parser ☆888 · Jan 12, 2026 · Updated last month
- The goal of the tool is to monitor requests received by selected device objects or kernel drivers. The tool is quite similar to IrpTracke… ☆409 · Dec 27, 2024 · Updated last year
- Mitigating DLL preloading attacks. ☆66 · Jun 25, 2025 · Updated 8 months ago
- The history of Windows Internals via symbols. ☆181 · Nov 4, 2021 · Updated 4 years ago
- ☆12 · Dec 15, 2016 · Updated 9 years ago
- Use NtSetInformationThread(ThreadBreakOnTermination) for anti-debugging ☆15 · Sep 21, 2019 · Updated 6 years ago
- Use ci.dll API for validating Authenticode signature of files ☆167 · Mar 28, 2022 · Updated 3 years ago
- PoC memory injection detection agent based on ETW, for offensive and defensive research purposes ☆301 · Apr 10, 2021 · Updated 4 years ago
- codes for my blog post: https://secrary.com/Random/InstrumentationCallback/ ☆183 · Nov 30, 2017 · Updated 8 years ago
- ☆131 · Oct 2, 2024 · Updated last year
- This program can retrieve signature information from PE files which are signed by one or more certificates on Windows. Supporting multi-signe… ☆103 · Sep 20, 2022 · Updated 3 years ago
- A YARA-integrated process denial framework for Windows ☆398 · Feb 15, 2020 · Updated 6 years ago
- Sample programs that illustrate how to use Control Flow Guard, VS2015's control flow integrity implementation ☆53 · Dec 27, 2016 · Updated 9 years ago
- Windows API Call Obfuscation ☆112 · Dec 9, 2022 · Updated 3 years ago
- penter hook example and driver time recorder ☆31 · Oct 2, 2017 · Updated 8 years ago
- A cross-platform rust no-std library for verifying and extracting signature information from PE files. ☆73 · Dec 2, 2024 · Updated last year
- ☆18 · Oct 12, 2014 · Updated 11 years ago
- Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999 ☆240 · Nov 6, 2019 · Updated 6 years ago
- Windows WDM driver filters to filter IO to devices and file systems ☆56 · Apr 3, 2017 · Updated 8 years ago
- clone of armadillo patched for windows ☆48 · Oct 22, 2024 · Updated last year
- Turn off PatchGuard in real time for win7 (7600) ~ later ☆1,037 · Apr 21, 2022 · Updated 3 years ago
- Windows Manipulation Library (x64, User/Kernelmode) ☆77 · Oct 4, 2018 · Updated 7 years ago
- proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC ☆1,272 · May 1, 2024 · Updated last year
- Windows Kernel Driver with C++ runtime ☆181 · Sep 26, 2020 · Updated 5 years ago
- ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution… ☆222 · Jul 10, 2022 · Updated 3 years ago
- Demonstrate the new FileDispositionInfoEx behavior ☆15 · Nov 6, 2017 · Updated 8 years ago
- Sysmon-Like research tool for ETW ☆386 · Nov 15, 2022 · Updated 3 years ago
- An open source library for operating the Windows Overlay Filter driver. ☆22 · Jan 16, 2019 · Updated 7 years ago
- Library that allows you to run 64bit code on a Wow64 32bit process ☆148 · May 17, 2017 · Updated 8 years ago
- LLVM Obfuscator / constexpr / PEB CALL API ☆182 · Jan 24, 2019 · Updated 7 years ago
- Syscall Monitor is a system monitor program (like Sysinternal's Process Monitor) using Intel VT-X/EPT for Windows7+ ☆747 · Jun 26, 2017 · Updated 8 years ago
- Run Processes as PPL with ELAM ☆177 · Mar 17, 2022 · Updated 3 years ago
- Defeating Patchguard universally for Windows 8, Windows 8.1 and all versions of Windows 10 regardless of HVCI. ☆905 · Nov 21, 2019 · Updated 6 years ago
- A tool that can help you with Windows driver development and analysis. ☆46 · Jun 13, 2021 · Updated 4 years ago
- Authenticode Hash Calculator for PE32/PE32+ files ☆121 · Jul 2, 2025 · Updated 8 months ago