Pinned Repositories
capsule8
Capsule8: open-source cloud-native behavioral security monitoring
DefenderKeys
Quick PowerShell script to extract any exclusions configured for Windows Defender
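As an added example (not the DefenderKeys script itself, and not code from its author), the following PowerShell enumerates Windows Defender exclusions the two ways a script like this has to: through the Defender module's Get-MpPreference cmdlet, and by reading the value names under the Exclusions registry keys (local and Group Policy), which is what survives when the cmdlet is unavailable. The "suspicious" heuristics at the end are this example's own assumptions, not anything DefenderKeys does. Run it elevated: recent Defender builds refuse non-admin reads of these keys and properties.

```powershell
# Added example, not the DefenderKeys repository's code.
# Enumerates Windows Defender exclusions via Get-MpPreference and via the
# registry, then flags entries that are typical attacker footholds.
# Run from an elevated prompt; non-admin reads return empty/access denied
# on current Defender builds.

function Get-DefenderExclusions {
    [CmdletBinding()]
    param()

    $results = [System.Collections.Generic.List[object]]::new()

    # 1) Supported API: Get-MpPreference exposes one list per exclusion type.
    try {
        $pref = Get-MpPreference -ErrorAction Stop
        foreach ($kind in 'ExclusionPath', 'ExclusionExtension', 'ExclusionProcess', 'ExclusionIpAddress') {
            foreach ($value in @($pref.$kind)) {
                if ($value) {
                    $results.Add([pscustomobject]@{ Source = 'Get-MpPreference'; Type = $kind; Value = $value })
                }
            }
        }
    } catch {
        Write-Warning "Get-MpPreference failed: $($_.Exception.Message)"
    }

    # 2) Registry: each exclusion is stored as a value NAME (data is DWORD 0)
    #    under the local key and, for GPO-pushed exclusions, the Policies key.
    $roots = 'HKLM:\SOFTWARE\Microsoft\Windows Defender\Exclusions',
             'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Exclusions'
    foreach ($root in $roots) {
        foreach ($sub in 'Paths', 'Extensions', 'Processes') {
            $key = Join-Path $root $sub
            if (-not (Test-Path $key)) { continue }
            try {
                $item = Get-Item -Path $key -ErrorAction Stop
                foreach ($name in $item.GetValueNames()) {
                    $results.Add([pscustomobject]@{ Source = $key; Type = $sub; Value = $name })
                }
            } catch {
                Write-Warning "Cannot read ${key}: $($_.Exception.Message)"
            }
        }
    }

    # 3) Triage heuristics (assumed, not from DefenderKeys): whole drives,
    #    world-writable temp dirs, and excluded script/LOLBin hosts.
    $suspicious = '^[A-Za-z]:\\?$',
                  '\\Temp\\?',
                  '\\Users\\Public',
                  'powershell|cmd\.exe|wscript|cscript|mshta|rundll32'
    foreach ($r in $results) {
        $hit = [bool]($suspicious | Where-Object { $r.Value -match $_ })
        $r | Add-Member -NotePropertyName Suspicious -NotePropertyValue $hit
    }
    return $results
}

Get-DefenderExclusions | Sort-Object Suspicious -Descending | Format-Table -AutoSize
```

Reading both sources matters: a policy-set exclusion shows up in Get-MpPreference but lives under the Policies key, while a locally added one lives under the local key; comparing the two lists is a quick way to spot exclusions that were not pushed by GPO.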
Empire-GUI
Empire client application
pureblood
A Penetration Testing Framework created for Hackers / Pentesters / Bug Hunters
reflectivepotato
MSFRottenPotato built as a Reflective DLL. Work in progress. Gotta love Visual C++
Shellcode-Via-HTA
How To Execute Shellcode via HTA
swf_json_csrf
ThunderDNS
This tool can forward TCP traffic over the DNS protocol. Non-compiled clients + SOCKS5 support.
trape
People tracker on the Internet: OSINT analysis and research tool by Jose Pino
WhaleTail
Program to reverse Docker images into Dockerfiles
johnjohnsp1's Repositories
johnjohnsp1/aadcookiespoof
Azure AD Identity Protection Cookie Spoofing
johnjohnsp1/AllTheThingsExec
Executes Blended Managed/Unmanaged Exports
johnjohnsp1/Athena
johnjohnsp1/awesome-azure-policy
A curated list of blogs, videos, tutorials, code, tools, scripts, and anything useful related to helping you learn Azure Policy.
johnjohnsp1/awesome-executable-packing
A curated list of awesome resources related to executable packing
johnjohnsp1/awesome-raspberry-pi
📝 A curated list of awesome Raspberry Pi tools, projects, images and resources
johnjohnsp1/Azure-Red-Team
Azure Security Resources and Notes
johnjohnsp1/AzureAD-Attack-Defense
This publication is a collection of various common attack scenarios on Azure Active Directory and how they can be mitigated or detected.
johnjohnsp1/AzureOptimizationEngine
The Azure Optimization Engine is an extensible solution designed to generate optimization recommendations for your Azure environment. See it like a fully customizable Azure Advisor.
johnjohnsp1/cve
Gather and update all available and newest CVEs with their PoC.
johnjohnsp1/ElasticXDR
This repo is a rebuild of the ElasticXDR platform. This guide will help you build the XDR platform so that you can gather critical information from your networking devices.
johnjohnsp1/GoldenGMSA
johnjohnsp1/Macrome
Excel Macro Document Reader/Writer for Red Teamers & Analysts
johnjohnsp1/Malware-analysis-and-Reverse-engineering
Some of my publicly available Malware analysis and Reverse engineering.
johnjohnsp1/MirrorDump
Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in memory
johnjohnsp1/moonwalk
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
johnjohnsp1/MsRdpEx
Microsoft RDP Client Extensions
johnjohnsp1/Mythic
A collaborative, multi-platform, red teaming framework
johnjohnsp1/Nim-RunPE
A Nim implementation of reflective PE-Loading from memory
johnjohnsp1/NimExamples
A collection of offensive Nim example code
johnjohnsp1/NimHollow
Nim implementation of Process Hollowing using syscalls (PoC)
johnjohnsp1/PackMyPayload
A PoC that packages payloads into output containers to evade the Mark-of-the-Web flag and demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
johnjohnsp1/PowerRemoteDesktop
Remote Desktop entirely coded in PowerShell.
johnjohnsp1/requests-ip-rotator
A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
johnjohnsp1/rip_raw
Rip Raw is a small tool to analyse the memory of compromised Linux systems.
johnjohnsp1/Shellcode-Downloader-CreateThread-Execution
This PoC lets you compile a .exe that completely avoids static detection of your C2 shellcode by AV/EPP/EDR, then downloads and executes the C2 shellcode hosted on your (C2) web server.
johnjohnsp1/sliver
Adversary Emulation Framework
johnjohnsp1/TokenUniverse
/* Under development */ An advanced tool for working with access tokens and Windows security policy.
johnjohnsp1/Winshark
A wireshark plugin to instrument ETW
johnjohnsp1/wmiexec-RegOut
Modified version of impacket's wmiexec.py: gets output (data, response) from the registry, needs no SMB connection, and also bypasses antivirus software during lateral movement, like WMIHACKER.