11 Repos
Tools for verifying the authenticity and integrity of software binaries using cryptographic signatures and checksums.
Explore 11 awesome GitHub repositories matching security & cryptography · Binary Integrity Verification. Refine with filters or upvote what's useful.
This project is a collection of batch-based automation tools designed for managing software licensing, system configuration, and deployment. It provides a comprehensive toolkit for authorizing operating systems and productivity suites through various methods, including digital licensing, volume activation, and key management service emulation. The toolkit distinguishes itself by offering specialized routines for both modern and legacy software environments. It employs advanced techniques such as hardware identity generation, dynamic memory hooking, and registry-level state manipulation to mai
Calculates and compares cryptographic checksums of downloaded installation files against known official values to ensure integrity.
Bun is a high-performance runtime environment designed to execute JavaScript and TypeScript applications with minimal latency and high throughput. Built on a native core implemented in Zig, it provides a unified execution engine that leverages JavaScriptCore for efficient memory management and low-latency startup. The project functions as an all-in-one toolchain, integrating a native bundler, transpiler, package manager, and test runner into a single command-line interface. What distinguishes Bun is its focus on native system integration and developer productivity. It features a high-performa
Applies system-level security signatures and entitlements to standalone binaries to satisfy operating system requirements and prevent execution warnings.
This project is a cryptographic consensus engine and distributed ledger client that functions as a peer-to-peer network node. It enables decentralized network participation by allowing users to independently validate transactions and blocks, ensuring data integrity and consensus without reliance on a centralized authority. The software utilizes an unspent transaction output model to track ownership and verify state transitions across the network. What distinguishes this implementation is its commitment to verifiable security and deterministic operation. It features a reproducible build system
Confirms binary authenticity through cryptographic checksums and digital signature validation to prevent the use of unauthorized or tampered software.
UPX is a command-line utility designed to reduce the file size of compiled programs and shared libraries. It functions as an executable binary compressor that maintains the ability for files to run natively without requiring additional runtime dependencies or external decompression software. The tool operates by parsing executable headers and applying entropy-based compression to code segments. It achieves this by injecting a self-extracting stub into the binary, which facilitates in-place memory decompression during the initial execution phase. This process includes platform-specific binary
Verifies the structural integrity of compressed binaries by checking internal checksums to ensure they remain secure.
TheZoo is a centralized repository and management system designed for the storage, organization, and retrieval of live malicious software samples. It provides a structured environment for security researchers and educators to access, track, and analyze dangerous code for the purpose of threat intelligence and defense development. The system utilizes a command-line interface to manage the lifecycle of malware samples, including the preparation of new submissions and the querying of a centralized database. To ensure safety and authenticity, the platform stores binaries in password-protected, en
Validates the authenticity and integrity of malicious binaries using cryptographic hash verification during retrieval.
Opensnitch is a host-based application firewall for Linux that monitors and intercepts outbound network connections in real time. By hooking into kernel-level interfaces, it tracks system-wide network activity and maps connection attempts to specific local processes, allowing users to explicitly permit or deny traffic on a per-application basis. The project distinguishes itself through its ability to manage security policies across multiple distributed nodes from a single, unified dashboard. This centralized management is secured via encrypted socket communication, enabling consistent rule en
Validates the checksum of an application to prevent unauthorized or modified binaries from establishing connections.
mason.nvim is an external tool orchestrator and package manager for Neovim. It automates the installation and lifecycle management of language servers, debuggers, and formatters by acting as a client for remote tooling registries. The project functions as a security-focused installer, utilizing a security firewall to scan and block the installation of compromised or malicious packages. It synchronizes local metadata with remote registries to discover and update available development software. The system handles the full lifecycle of external binaries, including downloading, versioning, and r
Implements checksum-based verification to ensure the authenticity and integrity of downloaded binaries.
This project is a game source code decompilation effort that reconstructs a functional C source code representation of a commercial game from its original binary. It provides a compilation system designed to produce binary ROM files that are bit-for-bit identical to original commercial releases. The project utilizes a containerized toolchain environment to ensure consistent compilation of legacy game source code across different operating systems. This pipeline transforms the decompiled C source into hardware-compatible binaries for the Nintendo 64. The workflow encompasses C-based source re
Compares the hash of the newly built binary against original files to ensure byte-perfect accuracy.
Github-Store is an open source software store and release manager designed to discover, install, and update binaries directly from GitHub repository releases. It functions as a centralized catalog for browsing open source projects that provide pre-compiled binaries compatible with the user's current operating system. The system automates the downloading and installation of platform-specific assets and includes a version tracker to notify users when new releases are available. It utilizes a security layer to validate downloaded assets through checksum-based integrity verification and cryptogra
Validates downloaded assets by comparing file hashes against published digests to ensure binary authenticity.
Pyarmor ist ein Toolset zum Schutz von Python-Software durch Quellcode-Obfuskation, Bytecode-Schutz und Binärkompilierung. Es fungiert als Code-Obfuskator, Bytecode-Protektor und Binär-Compiler, der darauf ausgelegt ist, Reverse Engineering und unbefugten Zugriff auf Python-Skripte und -Pakete zu verhindern. Das Projekt zeichnet sich durch die Bereitstellung eines umfassenden Software-Lizenzmanagers aus, der hardwaregebundene Lizenzierung ermöglicht. Dies erlaubt Entwicklern, die Skriptausführung an spezifische physische Geräte oder virtuelle Maschinen zu binden und strikte Ablaufdaten mittels verschlüsselter Laufzeitschlüssel durchzusetzen. Die breiteren Funktionen decken die sichere Verteilung durch die Generierung obfuskierter Wheels und eigenständiger ausführbarer Dateien für mehrere Plattformen ab. Die Sicherheitsoberfläche umfasst Laufzeit-Integritätsprüfungen, wie z. B. die Verhinderung von Debugger-Anhängen, Schutz auf Speicherebene und die Konvertierung von Python-Funktionen in kompilierte C-Erweiterungen. Das Tool enthält ein Command-Line-Interface und unterstützt die Integration in CI/CD-Pipelines, um den Obfuskationsprozess während der Builds zu automatisieren.
Uses hooks to verify the checksum of the runtime extension module, ensuring the binary remains untampered.
Molly is a privacy-focused Android messenger and a client for the Matrix open standard. It functions as a decentralized, end-to-end encrypted communication tool that allows users to interact across federated networks without a central authority. The application implements several security-centric features, including binary integrity verification to ensure the authenticity of the installed build and RAM-overwrite memory sanitization to prevent sensitive data leakage. It provides local database encryption secured by user-defined passphrases and supports routing network traffic through proxies o
Verifies the authenticity of the installed binary by comparing it against official distributions to ensure code integrity.