Alternatives and similar repositories for uthenticode:

Users that are interested in uthenticode are comparing it to the libraries listed below

• ntdiff / ntdiff
  ☆124Updated 4 months ago
• wbenny / EtwConsumerNT
  Simple project that demonstrates how an ETW consumer can be created just by using NTDLL
  ☆139Updated 5 years ago
• AndreyBazhan / SymStore
  The history of Windows Internals via symbols.
  ☆178Updated 3 years ago
• kobykahane / NpEtw
  Named pipe I/O ETW provider for Windows
  ☆69Updated 4 years ago
• msuiche / LiveCloudKd
  Hyper-V Research is trendy now
  ☆177Updated 9 months ago
• avakar / vcrtl
  C++ Exceptions in Windows Drivers
  ☆204Updated 4 years ago
• google / vxsig
  Automatically generate AV byte signatures from sets of similar binaries.
  ☆263Updated 2 months ago
• ntdiff / headers
  ☆156Updated 4 months ago
• DownWithUp / ALPC-Example
  An example of a client and server using Windows' ALPC functions to send and receive data.
  ☆94Updated 3 weeks ago
• vagnerpilar / windbgtree
  A command tree based on commands and extensions for Windows Kernel Debugging.
  ☆107Updated 4 years ago
• gerhart01 / LiveCloudKd
  Hyper-V Research is trendy now
  ☆158Updated this week
• hugsy / windbg_js_scripts
  Toy scripts for playing with WinDbg JS API
  ☆224Updated 7 months ago
• CheckPointSW / showstopper
  ShowStopper is a tool for helping malware researchers explore and test anti-debug techniques or verify debugger plugins or other solution…
  ☆198Updated 2 years ago
• DownWithUp / CallMon
  CallMon is an experimental system call monitoring tool that works on Windows 10 versions 2004+ using PsAltSystemCallHandlers
  ☆130Updated 4 years ago
• vovkos / protolesshooks
  API monitoring via return-hijacking thunks; works without information about target function prototypes.
  ☆114Updated 4 years ago
• Winbagility / Winbagility
  [ARCHIVED] mov rax, ${Thalium/IceBox}; jmp rax;
  ☆72Updated 5 years ago
• thinkcz / pico-toolbox
  PICO processes toolbox, playground for PICO processes research
  ☆72Updated 7 years ago
• IntroVirt / IntroVirt
  IntroVirt is an guest introspection library for KVM
  ☆54Updated 5 months ago
• leeqwind / PESignAnalyzer
  This program can retrieve signature information from PE files which signed by one or more certificates on Windows. Supporting multi-signe…
  ☆99Updated 2 years ago
• kevoreilly / capemon
  capemon: CAPE's monitor
  ☆107Updated last week
• sysprogs / VirtualKD
  ☆224Updated 3 years ago
• vol4ok / libsplice
  Library for kernel and user mode splicing for Windows (x86 and x64).
  ☆63Updated 12 years ago
• OSRDrivers / kmexts
  Simple driver to register all available process, thread, image, Registry, and Object callbacks
  ☆117Updated 7 years ago
• IgorKorkin / MemoryRanger
  MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. M…
  ☆220Updated 4 years ago
• upring / virtdbg
  Automatically exported from code.google.com/p/virtdbg
  ☆98Updated 9 years ago
• 0xcpu / ExecutiveCallbackObjects
  Research on Windows Kernel Executive Callback Objects
  ☆284Updated 4 years ago
• Sentinel-One / SKREAM
  SentinelOne's KeRnel Exploits Advanced Mitigations
  ☆52Updated 6 years ago
• ralphje / signify
  Module to generate and verify PE signatures
  ☆45Updated 2 months ago
• 0vercl0k / kdmp-parser
  A Windows kernel dump C++ parser library with Python 3 bindings.
  ☆196Updated 7 months ago
• pstolarz / dumpext
  WinDbg debugger extension library providing various tools to analyse, dump and fix (restore) Microsoft Portable Executable files for both…
  ☆82Updated 5 months ago