mttaggart / quasar
quASAR: ASAR manipulation made easy
☆24Updated 2 years ago
Related projects: ⓘ
- Attack chain emulator. Write recipes for initial access easily☆19Updated last year
- Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation☆29Updated last year
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated 2 months ago
- Some of the presentations, workshops, and labs I gave at public conferences.☆21Updated last week
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆53Updated last year
- Just another ntdll unhooking using Parun's Fart technique☆70Updated last year
- ☆50Updated this week
- ☆18Updated this week
- Python module for running BOFs☆63Updated last year
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80☆18Updated 9 months ago
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL☆18Updated 2 years ago
- A VSCode devcontainer for development of COFF files with batteries included.☆47Updated last year
- ☆47Updated last year
- ☆62Updated last month
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆50Updated 4 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆77Updated last year
- A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.☆56Updated 11 months ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆64Updated 2 months ago
- ☆57Updated 9 months ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆37Updated last year
- ☆23Updated 3 years ago
- ☆68Updated last year
- A pure C version of SymProcAddress☆23Updated 6 months ago
- Simple and sane cryptographic wrapper library.☆26Updated last year
- A more reliable way of resolving syscall numbers in Windows☆49Updated 7 months ago
- Python3 rewrite of AsOutsider features of AADInternals☆25Updated last week
- The repository that complements the From zero to hero: creating a reflective loader in C# workshop☆37Updated 2 years ago
- ☆22Updated 9 months ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆25Updated 2 years ago
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io☆77Updated 7 months ago