Pinned Repositories
Builder
C2-JARM
A list of JARM hashes for different SSL implementations used by some C2/red team tools.
CTF-writeup
Dumpert
LSASS memory dumper using direct system calls and API unhooking.
nmap-scripts
Repository containing some nmap scripts
panos-scanner
Determine the Palo Alto PAN-OS software version of a remote GlobalProtect portal or management interface.
Probatorum-EDR-Userland-Hook-Checker
Project to check which Nt/Zw functions your local EDR is hooking
ritadnspysolver
Real Intelligence Threat Analytics - Python addon scripts
XDR_scripts
A few XDR Scripts
k4nfr3's Repositories
k4nfr3/Dumpert
LSASS memory dumper using direct system calls and API unhooking.
k4nfr3/XDR_scripts
A few XDR Scripts
k4nfr3/panos-scanner
Determine the Palo Alto PAN-OS software version of a remote GlobalProtect portal or management interface.
k4nfr3/ritadnspysolver
Real Intelligence Threat Analytics - Python addon scripts
k4nfr3/nmap-scripts
Repository containing some nmap scripts
k4nfr3/CTF-writeup
k4nfr3/Probatorum-EDR-Userland-Hook-Checker
Project to check which Nt/Zw functions your local EDR is hooking
k4nfr3/WFP_EDR
k4nfr3/CVE-2018-13379-Fortinet
FortiVuln
k4nfr3/CVE-2024-9474
k4nfr3/Builder
k4nfr3/ioctl_tools
Some tools for driver research
k4nfr3/Backstab
A tool to kill antimalware protected processes
k4nfr3/c02
k4nfr3/volatility3_plugin
k4nfr3/C2-JARM
A list of JARM hashes for different SSL implementations used by some C2/red team tools.
k4nfr3/appveyor
k4nfr3/CheekyBlinder
Enumerating and removing kernel callbacks using signed vulnerable drivers
k4nfr3/DefenderCheck
Identifies the bytes that Microsoft Defender flags on.
k4nfr3/HijackLibs
Project for tracking publicly disclosed DLL Hijacking opportunities.
k4nfr3/HowTo
Lots of scripts for everything and nothing
k4nfr3/Inveigh
.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
k4nfr3/Invoke-EDRChecker
Checks running processes, process metadata, DLLs loaded into your current process and each DLL's metadata, common install directories, installed services, the registry and running drivers for the presence of known defensive products such as AVs, EDRs and logging tools.
k4nfr3/k4nfr3
k4nfr3/ntfsdump
Extract files from NTFS Volume
k4nfr3/plane-notify
Notify if a selected plane has taken off or landed using ADS-B data. Compares older data to newer data to determine if a landing or takeoff has occurred. As well as nav modes, emergency squawk and resolution advisory notifications. Can output to Twitter, Discord, Mastodon, and Telegram
k4nfr3/TelemetrySourcerer
Enumerate and disable common sources of telemetry used by AV/EDR.
k4nfr3/WebclientServiceScanner
Python tool to check running WebClient services on multiple targets based on @leechristensen
k4nfr3/xsoar-demisto-scripts