K2
K2/ktwo/Shane Ruled by chaotic energy, I'm always under test, full sender, progressive, world collider, ENTP. Security tested billions of lines :D
# Despite my day job thoughts and opinions are my own, I hope that's the only thing I _HAVE_ to say ;) New York, NY
Pinned Repositories
ADMMutate
Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I hope nobody uses signatures for anything (virus / malware scanners included).
CapstoneCore
CoreCLR 64bit Capstone bindings
EhTrace
ATrace is a tool for tracing execution of binaries on Windows.
HashLib
fork from http://hashlib.codeplex.com
LanguageBackdoors
Compiler exploits and exploitable non-obvious source code back doors.
Reloc
Transform dumped executable memory back into an identical match from disk. Use network or local database to de-locate relocated binaries and ensure a cryptographically secure hash match for code running on your legacy systems. A client tool that downloads relocation data for various PE files. This ensures when extracting data from memory dumps that you can match memory to disk files precisely.
Scripting
PS / Bash / Python / Other scripts For FUN!
CRoaring
Roaring bitmaps in C (and C++), with SIMD (AVX2, AVX-512 and NEON) optimizations: used by Apache Doris, ClickHouse, and StarRocks
inVtero.net
inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps using microarchitechture independent Virtual Machiene Introspection techniques
K2's Repositories
K2/EhTrace
ATrace is a tool for tracing execution of binaries on Windows.
K2/ADMMutate
Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I hope nobody uses signatures for anything (virus / malware scanners included).
K2/Scripting
PS / Bash / Python / Other scripts For FUN!
K2/LanguageBackdoors
Compiler exploits and exploitable non-obvious source code back doors.
K2/HashLib
fork from http://hashlib.codeplex.com
K2/Reloc
Transform dumped executable memory back into an identical match from disk. Use network or local database to de-locate relocated binaries and ensure a cryptographically secure hash match for code running on your legacy systems. A client tool that downloads relocation data for various PE files. This ensures when extracting data from memory dumps that you can match memory to disk files precisely.
K2/CapstoneCore
CoreCLR 64bit Capstone bindings
K2/HashServer
A Kestrel app server provides a just in time JitHash white list. The client is in powershell and can be used to test remote system memory for unknown code. Rendered doc's are here https://K2.github.io/HashServer/
K2/blackhat-arsenal-tools
Official Black Hat Arsenal Security Tools Repository
K2/awesome-forensics
A curated list of awesome forensic analysis tools and resources
K2/awesome-malware-analysis
A curated list of awesome malware analysis tools and resources
K2/inVtero.net
inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps using microarchitechture independent Virtual Machiene Introspection techniques
K2/K2
Musings from a life in Security.
K2/oss-fuzz
OSS-Fuzz - continuous fuzzing for open source software.
K2/xdna-driver
forked
K2/awesome-incident-response
A curated list of tools for incident response
K2/Capstone.NET
C# 64 bit binding for capstone
K2/CRoaring
Roaring bitmaps in C (and C++)
K2/envoy
Cloud-native high-performance edge/middle/service proxy
K2/K2.github.io
Public projects I'm able to release as open source projecs
K2/metaflow
:rocket: Build and manage real-life data science projects with ease!
K2/php-src
The PHP Interpreter
K2/shaderc
A collection of tools, libraries, and tests for Vulkan shader compilation.
K2/storage-blob-dotnet-getting-started
The getting started sample demonstrates how to perform common tasks using the Azure Blob Service in .NET including uploading a blob, CRUD operations, listing, as well as blob snapshot creation.
K2/syzkaller
syzkaller is an unsupervised coverage-guided kernel fuzzer
K2/WAVM
WebAssembly Virtual Machine