https://github.com/jpcertcc/quasarrat-analysis

QuasarRAT analysis tools and research report
https://github.com/jpcertcc/quasarrat-analysis

malware python3 security

Last synced: 3 months ago
JSON representation

QuasarRAT analysis tools and research report

• Host: GitHub
• URL: https://github.com/jpcertcc/quasarrat-analysis
• Owner: JPCERTCC
• License: other
• Created: 2020-12-01T04:41:05.000Z (about 4 years ago)
• Default Branch: main
• Last Pushed: 2023-12-22T06:05:03.000Z (about 1 year ago)
• Last Synced: 2023-12-22T07:25:02.272Z (about 1 year ago)
• Topics: malware, python3, security
• Language: Python
• Homepage:
• Size: 5.91 MB
• Stars: 23
• Watchers: 8
• Forks: 3
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# QuasarRAT Analysis

This repository publishes analysis reports and analysis tools for [Quasar](https://github.com/quasar/Quasar) and the Quasar family.

## Tools

Python tools for analyzing Quasar. These tools support Quasar version 1.3. We have future works to support version 1.4.

### quasarrat_client.py

Python script that fake a Quasar client.

![quasarrat_client](images/client.png)

### quasarrat_decode.py

Python script to decode and encode Quasar packet.

![quasarrat_decode](images/decode.png)

### quasarrat_panel.py

Python script that fake a Quasar C2 panel.

![quasarrat_panel](images/panel.png)

## Research results

### Slides

* Botconf 2020

  - https://github.com/JPCERTCC/QuasarRAT-Analysis/blob/master/slides/Botconf2020-Hunting_the_Quasar_Family.pdf

### Blog

TBA

### Quasar family

![Quasar family](images/Quasar.png)