Tyler's repositories
GetLAPSPassword
A LAPS dumper written using the impacket library.
impacket-driverquery
A modified version of wmiquery.py used for remote driver enumeration via WMI
NtCreateUserProcess
Minimal PoC developed as discussed in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html
XeroxDecrypter
A tool that leverages the Binary Ninja API to extract Xerox WorkCentre encryption keys from firmware images
OffensiveCSharp
Collection of Offensive C# Tooling
PRESENTATIONS
A collection of public talks/presentations I have given.
SHAPESHIFTER
Companion PoC for the "Adventures in Dynamic Evasion" blog post
DetectionLab
Automate the creation of a lab environment complete with security tooling and logging best practices
ARRS-documentation
ARRS documentation
briscKernelDriver
Public disclosure of vulnerabilities identified in WindowsSCOPE kernel driver
DriverParse
A tool that checks for commonly abused driver functions and whether or not they're in known driver blocklists.
ExploitRemotingService
A tool to exploit .NET Remoting Services
impacket
Impacket is a collection of Python classes for working with network protocols.
LOLDrivers
Living Off The Land Drivers
MemProcFS
MemProcFS
metasploit-framework
Metasploit Framework
MiniDumpFS
Parse minidump files from system memory dumps using Ulf Frisk's vmm library
MsgKit
A .NET library to make MSG files without the need for Outlook - just testing some stuff
nutanix_terraform
A test repo for Nutanix+Terraform configuration
rainbowcrackalack
Rainbow table generation & lookup tools.
RoanokeChallengeWriteUp
A write-up for a random Roanoke-based CTF
SharpHound3
C# Data Collector for the BloodHound Project, Version 3
Shellcode-Downloader-CreateThread-Execution
This POC gives you the possibility to compile a .exe to completely avoid static detection by AV/EPP/EDR of your C2-shellcode and download and execute your C2-shellcode which is hosted on your (C2)-webserver.
SysWhispers
AV/EDR evasion via direct system calls.
VmmFrost
MemProcFS/Vmmsharp Wrapper for .NET6 with useful abstractions.
WireGuardHelper
A collection of WireGuard VPN helper scripts.