Pinned Repositories
build-asuswrt-merlin
Helpers to build RMerl/asuswrt-merlin without much extra typing
ddkbuild
This is the OSR flavor of ddkbuild, called ddkbuild.cmd, whose maintenance I took over at some point after attending an OSR seminar in Edinburgh in 2005. No pull requests (this is actually a mirrored Mercurial repo).
msvc-undoc
Undocumented MSVC
Nidhogg
Nidhogg is an all-in-one simple to use rootkit for red teams.
ntobjx
Replacement for WinObj
NtPebTeb
Little tool and (header-only lib) to investigate Windows Internals. Shout out to @zodiacon. No pull requests (this is actually a mirrored Mercurial repo).
runassys
Using the debug privilege to elevate from BUILTIN\Administrators to NT AUTHORITY\SYSTEM in the same console window
scripts
Scripts I wrote at some point to help me with some task. There are a few bits and pieces from others, though. So look out for copyright headers in the files. No pull requests (this is actually a mirrored Mercurial repo).
vs-project-zoo
Visual Studio project zoo (2005 through 2022)
assarbad's Repositories
assarbad/ddkbuild
This is the OSR flavor of ddkbuild, called ddkbuild.cmd, whose maintenance I took over at some point after attending an OSR seminar in Edinburgh in 2005. No pull requests (this is actually a mirrored Mercurial repo).
assarbad/ddkwizard
DDKWizard is a project creation wizard for Visual Studio .NET, .NET 2003, 2005 and 2008. It allows to wrap the standalone DDK/WDK build process in a Visual Studio solution. No pull requests (this is actually a mirrored Mercurial repo).
assarbad/premake-4.x-stable
Friendly Premake4 fork which I am maintaining for the benefit of WinDirStat and other projects
assarbad/maerchen
Märchen mit LaTeX gesetzt, flexibel in Fraktur oder modern, sowohl mit langem ſ als auch ohne
assarbad/shntool
shntool is a multi-purpose WAVE data processing and reporting utility. File formats are abstracted from its core, so it can process any file that contains WAVE data, compressed or not - provided there exists a format module to handle that particular file type.
assarbad/agekey
A little program to help enter cheat codes way faster in the Age of Empires game series as well as Age of Mythology. No pull requests (this is actually a mirrored Mercurial repo).
assarbad/andOTP
Open source two-factor authentication for Android
assarbad/arrived
Tool to run actions when (USB) devices are plugged in Win32. No pull requests (this is actually a mirrored Mercurial repo).
assarbad/binsec
The Swiss Army Knife for Binary (In)security
assarbad/containerized-kiwix-server
Your own Wikipedia server in a box.
assarbad/createprocess-windows
A complete, robust command-line utility to construct highly customized calls to the CreateProcess() Windows API. Released under a MIT or LGPL license.
assarbad/evil-mhyprot-cli
A PoC for Mhyprot2.sys vulnerable driver that allowing read/write memory in kernel/user via unprivileged user process.
assarbad/ExportNotExportablePrivateKey
Tool to export otherwise non-exportable RSA keys on Windows
assarbad/FastWinDirStat
Fork of WinDirStat. Much faster, some bugs fixed.
assarbad/fcd
An optimizing decompiler
assarbad/FilelessRemotePE
Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique
assarbad/ida_migrator
IDA Migrator is an IDA Pro plugin which helps migrate existing work from one database instance to another. It Conveniently migrates function names, structures and enums.
assarbad/ImpulsiveDLLHijack
C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.
assarbad/InstallerFileTakeOver
assarbad/msft-warbird
Reimplementation of Microsoft's Warbird obuscator
assarbad/objmgr-viewer
This code is ancient. Read the README for details. No pull requests (this is actually a mirrored Mercurial repo). Archiving it, too.
assarbad/physmem_drivers
A collection of various vulnerable (mostly physical memory exposing) drivers.
assarbad/processhistory
A free and portable process database
assarbad/rust-playground
assarbad/Self-TrustedInstaller-Starter
An application that starts itself as trusted installer if started with administration privileges
assarbad/SFTA
Set File Type Association
assarbad/SublimeTutor
An interactive in-editor keyboard shortcuts tutorial for Sublime Text 3
assarbad/warbird-hook
Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
assarbad/windows-software-policy
Research on obfuscated licensing APIs / CLIP service in the Windows kernel
assarbad/winspd
Windows Storage Proxy Driver - User mode disk storage