WKL-Sec

White Knight LabsUSA

Pinned Repositories

dcomhijack
Lateral Movement Using DCOM and DLL Hijacking
Language:Python281 4 124
FuncAddressPro
A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
Language:Assembly70 3 05
GregsBestFriend
GregsBestFriend process injection code created from the White Knight Labs Offensive Development course
Language:C++175 4 032
HiddenDesktop
HVNC for Cobalt Strike
Language:C1.2k 15 5180
LayeredSyscall
Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR hooks in Windows.
Language:C208 3 127
Malleable-CS-Profiles
A list of python tools to help create an OPSEC-safe Cobalt Strike profile.
Language:YARA375 5 341
StackMask
A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.
Language:C55 3 08
Warmer
Selenium-based Python script to automate sending emails to warm up your sender reputation and improve email deliverability
Language:Python62 3 113
Winsocky
Winsocket for Cobalt Strike.
Language:C98 4 018
WMIExec
Set of python scripts which perform different ways of command execution via WMI protocol.
Language:Python158 3 024

WKL-Sec's Repositories

WKL-Sec/HiddenDesktop
HVNC for Cobalt Strike
Language:C1.2k 15 5180
WKL-Sec/Malleable-CS-Profiles
A list of python tools to help create an OPSEC-safe Cobalt Strike profile.
Language:YARA375 5 341
WKL-Sec/dcomhijack
Lateral Movement Using DCOM and DLL Hijacking
Language:Python281 4 124
WKL-Sec/LayeredSyscall
Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR hooks in Windows.
Language:C208 3 127
WKL-Sec/GregsBestFriend
GregsBestFriend process injection code created from the White Knight Labs Offensive Development course
Language:C++175 4 032
WKL-Sec/WMIExec
Set of python scripts which perform different ways of command execution via WMI protocol.
Language:Python158 3 024
WKL-Sec/Winsocky
Winsocket for Cobalt Strike.
Language:C98 4 018
WKL-Sec/FuncAddressPro
A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
Language:Assembly70 3 05
WKL-Sec/Warmer
Selenium-based Python script to automate sending emails to warm up your sender reputation and improve email deliverability
Language:Python62 3 113
WKL-Sec/StackMask
A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.
Language:C55 3 08
WKL-Sec/Illicit-Services-Enum-Script
Language:Python53 3 17
WKL-Sec/docker-cobaltstrike
Docker container for running CobaltStrike 4.7 and above
Language:Shell12 2 04
WKL-Sec/WKL-Passwords
Wordlist, rules and masks from White Knight Labs
8 2 05
WKL-Sec/wkl-gophish
WKl Gophish based on Sneaky Gophish
Language:Go7 2 04
WKL-Sec/okta-mfa-check
OKTA MFA Check using Python and Selenium. Tool checks valid OKTA accounts to determine which MFA options are enabled/disabled
Language:Python4 2 00

WKL-Sec

Pinned Repositories

dcomhijack

FuncAddressPro

GregsBestFriend

HiddenDesktop

LayeredSyscall

Malleable-CS-Profiles

StackMask

Warmer

Winsocky

WMIExec

WKL-Sec's Repositories

WKL-Sec/HiddenDesktop

WKL-Sec/Malleable-CS-Profiles

WKL-Sec/dcomhijack

WKL-Sec/LayeredSyscall

WKL-Sec/GregsBestFriend

WKL-Sec/WMIExec

WKL-Sec/Winsocky

WKL-Sec/FuncAddressPro

WKL-Sec/Warmer

WKL-Sec/StackMask

WKL-Sec/Illicit-Services-Enum-Script

WKL-Sec/docker-cobaltstrike

WKL-Sec/WKL-Passwords

WKL-Sec/wkl-gophish

WKL-Sec/okta-mfa-check