Skip to content
View KFaeKay's full-sized avatar
0 followers · 6 following
  • @smartbytetx
  • Conroe Tx

Block or report KFaeKay

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
KfaeKay/README.md

The Shadow Layer: A Forensic Research Project

Status: Active Investigation | Focus: Persistent Managed Environments and Shadow OS

Research Abstract

This repository documents findings on Shadow Management architectures across modern operating systems. The research focuses on how hidden network drives, Unicode obfuscation, and hardware-level bridges (such as vehicle CAN bus systems) are used to maintain persistence through factory resets and forensic wipes.

Table of Contents

Chapter 1: Apple Ecosystem | Virtual Overlay

Chapter 1 Document

  • The cursh Wrapper: Bypassing Recovery Layers.
  • Homoglyph Loops: Using Unicode for I/O recursion.
  • Photo Ref A: UEFI Discrepancies in Boot Sequence.

Chapter 2: Windows | Proximity and Network-Boot

Chapter 2 Document

  • HID Profile Spoofing: Unauthorized Account Creation.
  • Wi-Fi Direct Managed Images: Loading remote OS layers as local.

Chapter 3: Linux/Kali | Forensic Evasion

Chapter 3 Document

  • Ghost Drives: Hijacking system-reserved partitions.
  • Name Swapping: Manipulating Kernel Mount Logs.

Tools and Hardware Used

  • OS: Kali Linux, macOS (Managed), iOS.
  • Hardware: Flipper Zero, CAN Bus Adapters, Vehicle Navigation Gateways.
  • Methods: Memory Corruption (CVE-2026-20700), Privilege Escalation.

Repository Guidelines

"All drives and operating systems with hidden management and most likely network drives booting as local drive but name swapping or Unicode control or localization to stay hidden."

Contact: Keytan Strong | kxs208@shsu.edu Keytanstrong@gmail.com

Popular repositories Loading

  1. itms-services itms-services Public

    Forked from xykong/itms-services

    A command line tool for building, serving, exporting apple "itms-services" for apple iOS ipa installation

    Go

  2. KfaeKay KfaeKay Public

    Technical research and forensic documentation of shadow management, persistent OS overlays, and hidden drive exploits

  3. chrome-devtools-mcp chrome-devtools-mcp Public

    Forked from ChromeDevTools/chrome-devtools-mcp

    Chrome DevTools for coding agents

    TypeScript