KyleEvers's repositories
DomainInvestigator
Generates the corresponding IP(s), registrant information, country, and existence of a CDN/Load Balancer given a domain or list of domains
ShodanCIDRQuery
Query Shodan for one or more CIDR ranges, saving the raw output or explicitly extracting open ports, hostnames, and CVEs/vulns
APIHashReplace
Repository for API Hashing script detailed in the Huntress Blog
AtomicSyscall
Tools and PoCs for Windows syscall investigation.
badger-builder
badger-builder is an AI-assisted tool for generating dynamic Brute Ratel C4 profiles
CertCrawler
This script utilizes cert transparency logs to identify subdomains, identify if they are live, and identify the corresponding organizational ownership
SharpCollection
Daily builds of common C# offensive tools, built via GitHub Actions
blom_key_distribution
Implementation of Blom's Key Distribution in Golang
bofhound
Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel
changeling
Change up a binary's embedded resources with this little creature.
DInjector
Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL
GraphStrike
Cobalt Strike HTTPS beaconing over Microsoft Graph API
HardHatC2
A C# Command & Control framework
Havoc
The Havoc Framework.
Ludus
Ludus is a system to build easy to use cyber environments, or "ranges" for testing and development.
ObfLoader
MAC, IPv4, and UUID shellcode loaders and obfuscators that obfuscate the shellcode, use a native API to convert it back to its binary format, and load it.
SharpC2
Command and Control Framework written in C#
SharpCollection-1
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
SharpHound4Cobalt
C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET)
SharpUnhooker
C# Based Universal API Unhooker
SOAPHound
SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.
SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
Spartacus
Spartacus DLL/COM Hijacking Toolkit
TangledWinExec
C# PoCs for investigation of Windows process execution techniques
XorStringsNET
Easy XOR string encryption for .NET-based binaries