scottj

followers

following

stars

In Transit

http://scottj.info/

Scott Johnson's starred repositories

inceptor

Template-Driven AV/EDR Evasion Framework

Language:AssemblyNOASSERTION154400

SimpleEDR

Simple EDR that injects a DLL into a process to place a hook on specific Windows API

Language:Nim8800

PEzor

Open-Source Shellcode & PE Packer

Language:CGPL-3.0178900

zCrypt

C String and Shellcode Obfuscation in the Browser

Language:HTML100

shiva

A custom ELF linker/loader for installing ET_REL binary patches at runtime

Language:CNOASSERTION13700

Augustus

Evasive Golang Loader

Language:GoGPL-3.013000

RustPacker

Template-based shellcode packer written in Rust, with indirect syscall support. Made with <3 for pentesters.

Language:RustGPL-3.020800

NimPackt-v1

Nim-based assembly packer and shellcode loader for opsec & profit

Language:NimMIT44200

NimPlant

A light-weight first-stage C2 implant written in Nim.

Language:NimMIT74300

micr0_shell

micr0shell is a Python script that dynamically generates Windows X64 PIC Null-Free reverse shell shellcode.

Language:Python14400

hoppscotch

Open source API development ecosystem - https://hoppscotch.io (open-source alternative to Postman, Insomnia)

Language:TypeScriptMIT6199700

eavesarp

Analyze ARP requests to identify hosts that are communicating with one another.

Language:PythonMIT1600

chisel

A fast TCP/UDP tunnel over HTTP

Language:GoMIT1245500

pxe-linux-iso

PXE Boot Linux Distribution Easy

Language:Shell5300

dfdone

Generate comprehensive threat models from natural language!

Language:PythonMIT200

browsh

A fully-modern text-based browser, rendering to TTY and browsers

Language:JavaScriptLGPL-2.11676300

NTDLLReflection

Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle to ntdll , and trigger exported APIs from the export table

Language:C++MIT28700

Memfiddler

Executes shellcode from a remote server and aims to evade in-memory scanners

Language:C++3000

dropper3

Dropper 3.0 (BCE) - The final release of the Dropper payload generator

Language:CApache-2.0400

Breach-Report-Collection

A collection of companies that disclose adversary TTPs after they have been breached

elfcat

ELF visualizer. Generates HTML files from ELF binaries.

Language:RustZlib92500

uvgrep

UniVersal Grep (uvgrep)

Language:ShellGPL-3.0500

CVE-2023-36874

This repository contains a proof-of-concept exploit written in C++ that demonstrates the exploitation of a vulnerability affecting the Windows Error Reporting (WER) component.

Language:C++7600

ebpfkit

ebpfkit is a rootkit powered by eBPF

Language:CApache-2.072400

TripleCross

A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.

Language:CGPL-3.0174100

RATs-Source-Collection

SRC Collection: Autoit, Delphi, .NET, VB6, C++ and more.

600

AsyncRAT-C-Sharp

Open-Source Remote Administration Tool For Windows C# (RAT)

Language:C#MIT219900

awesome-rat

RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.

awesome-linux-rootkits

awesome-linux-rootkits

CC0-1.0164300

Cronos-Rootkit

Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.

Language:C++MIT82800