Pinned Repositories
capsule8
Capsule8: open-source cloud-native behavioral security monitoring
DefenderKeys
Quick PowerShell script to extract any exclusions configured for Windows Defender
Empire-GUI
Empire client application
pureblood
A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter
reflectivepotato
MSFRottenPotato built as a Reflective DLL. Work in progress. Gotta love Visual C++
Shellcode-Via-HTA
How To Execute Shellcode via HTA
swf_json_csrf
ThunderDNS
This tool can forward TCP traffic over DNS protocol. Non-compile clients + socks5 support.
trape
People tracker on the Internet: OSINT analysis and research tool by Jose Pino
WhaleTail
Program to reverse Docker images into Dockerfiles
johnjohnsp1's Repositories
johnjohnsp1/pureblood
A Penetration Testing Framework created for Hackers / Pentester / Bug Hunter
johnjohnsp1/bitleaker
This tool can decrypt a BitLocker-locked partition with the TPM vulnerability
johnjohnsp1/Mimikore
.NET 5 Single file Application
johnjohnsp1/ad-honeypot-autodeploy
Deploy a small, intentionally insecure, vulnerable Windows Domain for RDP Honeypot fully automatically.
johnjohnsp1/awesome-console-services
A curated list of awesome console services (reachable via HTTP, HTTPS and other network protocols)
johnjohnsp1/CFB
Canadian Furious Beaver is a tool for monitoring IRP handler in Windows drivers, and facilitating the process of analyzing, replaying and fuzzing Windows drivers for vulnerabilities
johnjohnsp1/cosign
Container Signing
johnjohnsp1/crackerjack
CrackerJack / Hashcat Web Interface / Context Information Security
johnjohnsp1/Credential-Dumping
This cheatsheet is aimed at the Red Teamers to help them understand the fundamentals of Credential Dumping (Sub Technique of Credential Access) with examples. There are multiple ways to perform the same tasks
johnjohnsp1/CVE-2021-33909
Sequoia exploit (7/20/21)
johnjohnsp1/DcRat
A simple remote tool written in C# (a simple C# remote control tool).
johnjohnsp1/DNSStager
Hide your payload in DNS
johnjohnsp1/EDD
Enumerate Domain Data
johnjohnsp1/Espionage
A Network Packet and Traffic Interceptor For Linux. Spoof ARP & Wiretap A Network.
johnjohnsp1/ExecuteAssembly
Load/Inject .NET assemblies by: reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI, avoiding EDR hooks via NT static syscalls (x64) and hiding imports by dynamically resolving APIs (hash).
johnjohnsp1/Experienced-Pentester-OSEP
johnjohnsp1/GadgetProbe
Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
johnjohnsp1/gsocket
Global Socket. Moving data from here to there. Securely, Fast and through NAT/Firewalls
johnjohnsp1/MemProcFSHunter
A PowerShell parser for https://github.com/ufrisk/MemProcFS
johnjohnsp1/Mistica
An open source swiss army knife for arbitrary communication over application protocols
johnjohnsp1/NamedPipePTH
Pass the Hash to a named pipe for token Impersonation
johnjohnsp1/PowerShell-Red-Team
Collection of PowerShell functions a Red Teamer may use to collect data from a machine
johnjohnsp1/pywin32
Python for Windows (pywin32) Extensions
johnjohnsp1/s6_pcie_microblaze
PCI Express DIY hacking toolkit for Xilinx SP605
johnjohnsp1/Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
johnjohnsp1/sish
HTTP(S)/WS(S)/TCP Tunnels to localhost using only SSH.
johnjohnsp1/tsharkVM
tshark + ELK analytics virtual machine
johnjohnsp1/whatfiles
Log what files are accessed by any Linux process
johnjohnsp1/Whisker
Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.
johnjohnsp1/WinAPI-Tricks
Collection of various WINAPI tricks / features used or abused by Malware