New York, NY

K2

Elite
@K2

K2/ktwo/Shane Ruled by chaotic energy, I'm always under test, full sender, progressive, world collider, ENTP. Security tested billions of lines :D

EhTrace. ATrace is a tool for tracing execution of binaries on Windows.

242

ADMMutate. Classic code from 1999+ I am fairly sure this is the first public polymorphic shellcode ever (best IMHO and others http://ids.cs.columbia.edu/sites/default/files/ccs07poly.pdf :) If I ever port this to 64 or implement a few other suggestions (sorry I lost ppc code version contributed) it will be orders of magnitude more difficult to spot, so I hope nobody uses signatures for anything (virus / malware scanners included).

94

Scripting. PS / Bash / Python / Other scripts For FUN!

56

LanguageBackdoors. Compiler exploits and exploitable non-obvious source code back doors.

49

olol. # Ollama<=>Ollama Inference Cluster

38

Reloc. Transform dumped executable memory back into an identical match from disk. Use network or local database to de-locate relocated binaries and ensure a cryptographically secure hash match for code running on your legacy systems. A client tool that downloads relocation data for various PE files. This ensures when extracting data from memory dumps that you can match memory to disk files precisely.

12

HashLib. fork from http://hashlib.codeplex.com

12

CapstoneCore. CoreCLR 64bit Capstone bindings

6

HashServer. A Kestrel app server provides a just in time JitHash white list. The client is in powershell and can be used to test remote system memory for unknown code. Rendered doc's are here https://K2.github.io/HashServer/

4

K2. Musings from a life in Security.

2

blackhat-arsenal-tools. Official Black Hat Arsenal Security Tools Repository

2

awesome-malware-analysis. A curated list of awesome malware analysis tools and resources

1

xdna-driver. forked

1

inVtero.net. inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps using microarchitechture independent Virtual Machiene Introspection techniques

1

awesome-forensics. A curated list of awesome forensic analysis tools and resources

1

oss-fuzz. OSS-Fuzz - continuous fuzzing for open source software.

1
16
Apply