mttaggart / quasarLinks
quASAR: ASAR manipulation made easy
☆38Updated 2 years ago
Alternatives and similar repositories for quasar
Users that are interested in quasar are comparing it to the libraries listed below
Sorting:
- ☆59Updated last year
- Small tool to play with IOCs caused by Imageload events☆42Updated 2 years ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated 10 months ago
- macOS dylib stager☆33Updated 4 months ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆78Updated 9 months ago
- ☆48Updated last year
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆39Updated 2 weeks ago
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80☆20Updated 2 months ago
- A work in progress BOF/COFF loader in Rust☆50Updated 2 years ago
- ☆28Updated last year
- Just another ntdll unhooking using Parun's Fart technique☆75Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆83Updated 2 years ago
- Sample Rust Hooking Engine☆36Updated last year
- Simple and sane cryptographic wrapper library.☆27Updated 2 years ago
- malleable profile generator GUI for Havoc☆55Updated 2 years ago
- ☆69Updated last year
- A VSCode devcontainer for development of COFF files with batteries included.☆49Updated last year
- Python module for running BOFs☆70Updated last year
- ☆30Updated 5 months ago
- a tiny program to consume from ETW providers for research☆48Updated 5 months ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆53Updated 5 years ago
- API Hammering with C++20☆47Updated 2 years ago
- Linux CS bypass technique☆33Updated 4 months ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆32Updated 2 years ago
- example using NtCreateUserProcess in rust☆19Updated 4 months ago
- Tool designed to simplify the generation of proxy DLLs while addressing common conflicts related to windows.h☆37Updated 7 months ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆39Updated last year
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆39Updated 2 years ago
- This repository focuses on replicating the behavioral patterns observed in well-documented APT campaigns.☆11Updated 2 weeks ago
- Items related to the RedELK workshop given at security conferences☆29Updated last year