Top Repositories
A PasteBin scraper that doesn't rely on the PasteBin scrape API
Various methods of executing shellcode
A script to build either a BlackArch, Kali Linux or ParrotOS Docker container which has the ability to provide desktop environment access either via X2Go or VNC
Kentico <=12.0.14 is vulnerable to a remote code execution via the SyncServer
Shellcode loader written in C with various AV/EDR bypassing features
Using the SystemFunction040 API to encrypt shellcode in memory and decrypt
Repositories
Just a janky bash script with templated yaml files to deploy elasticEDR (elasticsearch + kibana) on a host for testing purposes
A script to build either a BlackArch, Kali Linux or ParrotOS Docker container which has the ability to provide desktop environment access either via X2Go or VNC
A PasteBin scraper that doesn't rely on the PasteBin scrape API
Various methods of executing shellcode
Malware development
Hellokitty Ransomware Sourcecode leaked
Linux Sleep Obfuscation
Shellcode loader written in C with various AV/EDR bypassing features
Using the SystemFunction040 API to encrypt shellcode in memory and decrypt
A djb2 string hashing program which can be used to get the hash value of the name of an NTDLL function. Can be used with Hell's Gate or any of the *Gate variants
Shellcode execution by loading a "vulnerable" third-party module containing RWX section.
Tiger is v3 initial access payload in C
This is a method of using the WorkItem API to queue them to load a module. This version was modified to support string hashing via CRC32B.
Identify and restore temporary and backup text files from Notepad++
A list of payloads for SQL Injection testing
A simple tool to grab quickly pentest tools or similar from GitHub/Gitlab.
A terraform based project to automatically create a cloud environment for red team or phishing engagements
ForsHops
😱 A curated list of amazingly awesome OSINT
Kr0ff's blog
Retrieve information about breached accounts from "Combination Of Many Breaches" database (from proxynova.com)
Kentico <=12.0.14 is vulnerable to a remote code execution via the SyncServer
My take on the maldevacademy challenges
Bypass MDM Setup for macOS, up to Sonoma 14.4.1 (23E224).
CVE-2023-20198-RCE, support adding/deleting users and executing cli commands/system commands.
Retrieve information about a given IP address from "iplocation.net"