k4nfr3's repositories
XDR_scripts
A few XDR Scripts
panos-scanner
Determine the Palo Alto PAN-OS software version of a remote GlobalProtect portal or management interface.
ritadnspysolver
Real Intelligence Threat Analytics - Python addon scripts
nmap-scripts
Repository containing some nmap scripts
Probatorum-EDR-Userland-Hook-Checker
Project to check which Nt/Zw functions your local EDR is hooking
CVE-2018-13379-Fortinet
FortiVuln
ioctl_tools
Some tools for driver research
C2-JARM
A list of JARM hashes for different SSL implementations used by some C2/red team tools.
CheekyBlinder
Enumerating and removing kernel callbacks using signed vulnerable drivers
DefenderCheck
Identifies the bytes that Microsoft Defender flags on.
HijackLibs
Project for tracking publicly disclosed DLL Hijacking opportunities.
HowTo
Lots of scripts for everything and nothing
Inveigh
.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
Invoke-EDRChecker
Checks running processes, process metadata, DLLs loaded into your current process and each DLL's metadata, common install directories, installed services, the registry and running drivers for the presence of known defensive products such as AVs, EDRs and logging tools.
ntfsdump
Extract files from NTFS Volume
plane-notify
Notify if a selected plane has taken off or landed using ADS-B data. Compares older data to newer data to determine if a landing or takeoff has occurred. Also supports nav mode, emergency squawk and resolution advisory notifications. Can output to Twitter, Discord, Mastodon, and Telegram.
TelemetrySourcerer
Enumerate and disable common sources of telemetry used by AV/EDR.
WebclientServiceScanner
Python tool to check running WebClient services on multiple targets based on @leechristensen