kyle's repositories
RedTeamHelp
Tools I use on red team engagements and more
MalwareDevelopment
The projects I'm more confident in while learning Malware Development
MaldevJourney
Learning Offensive cpp/# for rtl/threat emulation.
Windows-driver-samples
This repo contains driver samples prepared for use with Microsoft Visual Studio and the Windows Driver Kit (WDK). It contains both Universal Windows Driver and desktop-only driver samples.
CrackMapExec
A swiss army knife for pentesting networks
fewerstealer
🦊 🧊 Fully Undetected Grabber (Grabs Wallets, Passwords, Cookies, Autofills, Information, Discord, Telegram, Filezilla, Spotify)
Inline-Execute-PE
Execute unmanaged Windows executables in CobaltStrike Beacons
LdrLibraryEx
A small x64 library to load DLLs into memory.
ntqueueapcthreadex-ntdll-gadget-injection
A novel way of using NtQueueApcThreadEx for stealthy code injection, by abusing the ApcRoutine and SystemArgument[0-3] parameters and passing a random pop r32; ret gadget.
Proxy-Function-Calls-For-ETwTI
The code is a pingback to the Dark Vortex blog: https://0xdarkvortex.dev/hiding-memory-allocations-from-mdatp-etwti-stack-tracing/
Red-Teaming-TTPs
Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!
Sharp-Suite
Also known by Microsoft as Knifecoat :hot_pepper:
SharpPrivesc
Practicing C# and bringing multiple things together for one program. Still noob stuff. Privesc checks and the like.
Shhhloader
Syscall Shellcode Loader (Work in Progress)
threadless_loader_rs
Threadless Injection Payload Toolkit
vcenter_saml_login
A tool to extract the IdP cert from vCenter backups and log in as Administrator
windows-ps-callbacks-experiments
Files for http://blog.deniable.org/posts/windows-callbacks/
Windows_LPE_AFD_CVE-2023-21768
LPE exploit for CVE-2023-21768
ROP_ROCKET
ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Syscalls attack, a novel Heaven's Gate, and "shellcodeless" ROP. The framework utilizes emulation and obfuscation to help expand the attack surface.