Extracting SSH Private Keys From Windows 10 ssh-agent

I released some PoC code here to extract and reconstruct the RSA private key from the registryThe first thing I tested was using the OpenSSH utilities normally to generate a few key-pairs and adding them to the ssh-agent.First, I generated some password protected test key-pairs using ssh-keygen.exe: To figure out how the SSH Agent was storing and reading my private keys, I poked around a little and started by statically examining ssh-agent.exe. I knew I had some sort of binary representation of a key, but I could not figure out the format or how to use it.I messed around generating various RSA keys with openssl, puttygen and ssh-keygen, but never got anything close to resembling the binary I had.Finally after much Googling, I found an awesome blogpost from NetSPI about pulling out OpenSSH private keys from memory dumps of ssh-agent on Linux: https://blog.netspi.com/stealing-unencrypted-ssh-agent-keys-from-memory/Could it be that the binary format is the same? All credit due to him for the awesome Python tool and blogpost.After I had proved to myself it was possible to extract a private key from the registry, I put it all together in two scripts.GitHub RepoThe first is a Powershell script (extract_ssh_keys.ps1) which queries the Registry for any saved keys in ssh-agent.