kyle's repositories
CuteScript
a very short and simple php revshell I used against CuteNews 2.1.2 rce
KeyTabExtract
Extracts Key Values from .keytab files
admpwd
AdmPwd project
AQUARMOURY
My musings in C and offensive tooling
CallbackDisabler
Disable Driver Callbacks
DAMP
The Discretionary ACL Modification Project: Persistence Through Host-based Security Descriptor Modification
DotNetToJScript
A tool to create a JScript file which loads a .NET v2 assembly from memory.
GetSystem
This is a C# implementation of making a process/executable run as NT AUTHORITY/SYSTEM. This is achieved through parent ID spoofing of almost any SYSTEM process.
hello-world-dll
a DLL that will show a MessageBox with the message, "Hello world!"
InterceptorCLI
This is a command line interface for the Interceptor library
Invoke-TheHash
PowerShell Pass The Hash Utils
Koppeling
Adaptive DLL hijacking / dynamic export forwarding
Misc-PowerShell
Misc. PowerShell scripts
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
SharpBlock
A method of bypassing EDR's active projection DLL's by preventing entry point exection
SharpGPOAbuse
SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO.
SpoolSample
PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.
StayKit
Cobalt Strike kit for Persistence
STFUEDR
Silence EDRs by removing kernel callbacks
SylantStrike
Simple EDR implementation to demonstrate bypass
TamperETW
PoC to demonstrate how CLR ETW events can be tampered.
TokenPlayer
Manipulating and Abusing Windows Access Tokens.