loneicewolf Goto Github PK

followers: 260.0 following: 1.0 repos: 472.0 gists: 14.0

Name: Will

Type: User

Company: loneicewolf

Bio: I am throwing Malware Authors work into the recycle bin! --- Have a lovely day you who happen to read this! :rose:

Location: Reverse Engineer

Heya!

$\textcolor{#02fd2f}{\textsf{ Have a great week on you! You deserve it!}}$

Want to know something interesting?

$\textcolor{#FF000B}{\textsf{Effort won't disappear}}$

Who are you?

Real name: Will
Age: 24
From: Sweden
Has: A speech disorder (namely, I stutter)
contact: (contact details can be found below)
my blog loneicewolf.github.io

My main focus in life

I always have told myself I write/talk too much; But I am beginning to accept it's who I am ^_^

What do you do in GitHub?

$\textcolor{pink}{\textsf{Throwing malware author's work into the recycle bin!}}$

Reverse engineering (rootkits,malwares)
Malwares and vulns/exploits
Cryptography,Steganography and Obfuscation
Guides (OS setup guides mainly for security.)

Main Projects

Site Profiles

HDDGuru
Mastadon
- Infosec.Exchange
- mastadon.social
STACK*sites
gist's (mostly malware/rev shells and engineering
Quora
LinkedIn
AttackerKB
Medium
Reddit
Youtube for (malware-demos) <- The Titles of the videos was problematic, youtube told me to use longer texts and use symbols(???) and other things.
HTB <- not that active

Projects & Research

pinned

Current Research

EquationGroup

nls_933w_dll & WIN32M.SYS E's HDD reprog. modules
Stars Virus kinda stuxnet related
Fanny.bmp CURRENTLY undergoing extreme clean-up (sorry for the text-all-over-the-place)
StuXnet additional details is hopefully(/soon/) included (such as POC videos)
FlameR additional details is included and more will be.
Duqu Duqu
Gauss additional details is soon included
Agent.BTZ
LOJAX
PEGASUS

Experiences:

Contact me below:

Click to expand

Discord: Ken-Kaneki#3978

Will's Projects

cryptography

Encryption implemented in various languages. like AES and Serpent, more coming.

ctio

CTIO - Cyber Threat Intelligence Overlay

curveball

PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll)

cve-2019-0708

Scanner PoC for CVE-2019-0708 RDP RCE vuln

cve-2020-0796-rce-poc

CVE-2020-0796 Remote Code Execution POC

cve-2020-16898

PoC BSOD for CVE-2020-16898 (badneighbor)

cve-2021-3156

Sudo Baron Samedit Exploit

cve-repo

cyberthreatintel

Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups

cyberweapons

Automated Cyber Offense

danderspritz_docs

The goal of this project is to examine, reverse, and document the different modules available in the Equation Group's DanderSpritz post-exploitation framework leaked by the ShadowBrokers

danderspritz_lab

A fully functional DanderSpritz lab in 2 commands

dark-halo-samples

APT 29 samples sunburst

data

APTnotes data

debian_vm_install

Instruction guide on a debian vm install. (vmplayer) I will make this Intentionally insecure to practice backdoor'ing and penetration testing

debloat-windows-10

A collection of Scripts which disable / remove Windows 10 Features and Apps

decompile-dump

Partial stuxnet source decompiled with hexrays, if anyone has better decompile tools feel free to contribute better versions.

defcon-25-workshop

Windows Post-Exploitation / Malware Forward Engineering DEF CON 25 Workshop

defcon25workshop_archive

archive copy (read only) of the defcon 25 workshop git

discover

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.