{"id":13537718,"url":"https://github.com/gen0cide/gscript","last_synced_at":"2026-01-12T14:53:41.518Z","repository":{"id":26933389,"uuid":"110645492","full_name":"gen0cide/gscript","owner":"gen0cide","description":" framework to rapidly implement custom droppers for all three major operating systems","archived":false,"fork":false,"pushed_at":"2024-02-24T18:56:35.000Z","size":46799,"stargazers_count":701,"open_issues_count":6,"forks_count":104,"subscribers_count":34,"default_branch":"master","last_synced_at":"2025-10-16T17:08:37.069Z","etag":null,"topics":["cli","compiler","golang","javascript","malware","security"],"latest_commit_sha":null,"homepage":"https://github.com/gen0cide/gscript","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gen0cide.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-11-14T05:37:26.000Z","updated_at":"2025-10-01T12:40:18.000Z","dependencies_parsed_at":"2024-01-13T11:13:29.340Z","dependency_job_id":"e2b5f74d-da19-40ba-9551-f2bc6946b660","html_url":"https://github.com/gen0cide/gscript","commit_stats":null,"previous_names":[],"tags_count":21,"template":false,"template_full_name":null,"purl":"pkg:github/gen0cide/gscript","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gen0cide%2Fgscript","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gen0cide%2Fgscript/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gen0cide%2Fgscript/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gen0cide%2Fgscript/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gen0cide","download_url":"https://codeload.github.com/gen0cide/gscript/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gen0cide%2Fgscript/sbom","scorecard":{"id":422104,"data":{"date":"2025-08-11","repo":{"name":"github.com/gen0cide/gscript","commit":"d65a5ce55f79c4f544a93997e7eb635a72a64118"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.1,"checks":[{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":0,"reason":"Found 2/26 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: GNU Affero General Public License v3.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v0.1.0 not signed: https://api.github.com/repos/gen0cide/gscript/releases/10031981","Warn: release artifact v0.0.19 not signed: https://api.github.com/repos/gen0cide/gscript/releases/9972168","Warn: release artifact v0.0.18 not signed: https://api.github.com/repos/gen0cide/gscript/releases/9968157","Warn: release artifact v0.0.17 not signed: https://api.github.com/repos/gen0cide/gscript/releases/9967955","Warn: release artifact v0.0.16 not signed: https://api.github.com/repos/gen0cide/gscript/releases/9927303","Warn: release artifact v0.1.0 does not have provenance: https://api.github.com/repos/gen0cide/gscript/releases/10031981","Warn: release artifact v0.0.19 does not have provenance: https://api.github.com/repos/gen0cide/gscript/releases/9972168","Warn: release artifact v0.0.18 does not have provenance: https://api.github.com/repos/gen0cide/gscript/releases/9968157","Warn: release artifact v0.0.17 does not have provenance: https://api.github.com/repos/gen0cide/gscript/releases/9967955","Warn: release artifact v0.0.16 does not have provenance: https://api.github.com/repos/gen0cide/gscript/releases/9927303"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Pinned-Dependencies","score":6,"reason":"dependency not pinned by hash detected -- score normalized to 6","details":["Warn: containerImage not pinned by hash: build/Dockerfile:1: pin your Docker image by updating golang:1.17.13-bullseye to golang:1.17.13-bullseye@sha256:c10d8b1987ad5ddf7816d2f3a56e4a58b5826285dc1449edbb061b3aad25648b","Warn: containerImage not pinned by hash: build/Dockerfile-minimal:1: pin your Docker image by updating golang:1.17.13-bullseye to golang:1.17.13-bullseye@sha256:c10d8b1987ad5ddf7816d2f3a56e4a58b5826285dc1449edbb061b3aad25648b","Info:   0 out of   2 containerImage dependencies pinned","Info:   4 out of   4 goCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 6 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":2,"reason":"8 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GO-2021-0227 / GHSA-3vm4-22fp-5rfm","Warn: Project is vulnerable to: GO-2022-0968 / GHSA-gwc9-m7rh-j2ww","Warn: Project is vulnerable to: GO-2021-0356 / GHSA-8c26-wmh5-6g9v","Warn: Project is vulnerable to: GO-2024-2961","Warn: Project is vulnerable to: GO-2023-2402 / GHSA-45x7-px36-x8w8","Warn: Project is vulnerable to: GO-2024-3321 / GHSA-v778-237x-gjrc","Warn: Project is vulnerable to: GO-2025-3487 / GHSA-hcg3-q754-cr77","Warn: Project is vulnerable to: GO-2022-0493 / GHSA-p782-xgp4-8hr8"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-19T01:29:04.969Z","repository_id":26933389,"created_at":"2025-08-19T01:29:04.969Z","updated_at":"2025-08-19T01:29:04.969Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28340411,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-12T12:22:26.515Z","status":"ssl_error","status_checked_at":"2026-01-12T12:22:10.856Z","response_time":98,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","compiler","golang","javascript","malware","security"],"created_at":"2024-08-01T09:01:02.728Z","updated_at":"2026-01-12T14:53:41.508Z","avatar_url":"https://github.com/gen0cide.png","language":"Go","readme":"![Gscript Logo](https://i.imgur.com/16lZGrA.png)\n\n# Genesis Scripting Engine (gscript)\n\n\u003e Security framework to rapidly implement custom droppers for all three major operating systems\n\n\n\n[![CircleCI](https://circleci.com/gh/gen0cide/gscript/tree/master.svg?style=svg)](https://circleci.com/gh/gen0cide/gscript/tree/master)\n\n## About\n\nGscript is a framework for building multi-tenant executors for several implants in a stager. The engine works by embedding runtime logic (powered by the Otto Javascript Virtual Machine) for each persistence technique. This logic gets run at deploy time on the victim machine, in parallel for every implant contained with the stager. The Gscript engine leverages the multi-platform support of Golang to produce final stage one binaries for Windows, Mac, and Linux. \n\n**We encourage you to read through the slides from DEFCON26:**\n\nhttps://docs.google.com/presentation/d/1kHdz8DY0Zn44yn_XrZ2RVqDY1lpADThLPNPwHP-njbc/edit?usp=sharing\n\n\n## Table of Contents\n\n- [Features](#features)\n- [Installation](#installation)\n- [Quick Start](#quick-start)\n- [Docs](#docs)\n- [Shoutouts](#shoutouts)\n\n## Features\n\n- Easy to learn and write - uses javascript.\n- Portable - Compile droppers for OSX, Windows, or Linux from any OS.\n- Robust - Script's are isolated from each other in a safe execution way.\n- Fast.\n- Extensible - Can link native Golang packages directly into your Javascript.\n\n## Installation\n\n### Docker (Easiest)\n\nIf you have docker installed, you can run:\n\n```\n$ docker pull gen0cide/gscript:v1\n```\n\nMake a local directory where you can share files between your local machine and the docker container. Replace `$LOCAL_DIR` in the following command with the path to that:\n\n```\n$ docker run -it -v $LOCAL_DIR:/root/share gen0cide/gscript:v1\n```\n\nThats it! You're good to go.\n\n\n### Local (Good for advanced)\n\n**Local installation requires you to have a Golang compiler setup and working on your machine. If you need to do this, you can grab an installer [here](https://golang.org/dl/). Make sure `$GOPATH/bin` is in your `$PATH`.**\n\n\nAfter that, all you need to do is run:\n\n```\n$ go get github.com/gen0cide/gscript/cmd/gscript\n```\n\n## Quick Start\n\nCheck out the tutorial docs here:\n\nhttps://github.com/gen0cide/gscript/tree/master/docs/tutorials\n\nIf you want to see example scripts, we have a separate repo you can clone:\n\nhttps://github.com/ahhh/gscripts\n\n## Docs\n\nHere's a list of docs and tutorials that might be helpful for you:\n\n - [Godoc for Engine and Compiler](https://godoc.org/github.com/gen0cide/gscript)\n - [Tutorials in docs/tutorials](https://github.com/gen0cide/gscript/tree/master/docs/tutorials)\n \n(more to come soon)\n\n## Shoutouts\n\nmentors, contributors, and great friends of gscript\n\n- @cmc\n- @hecfblog\n- @ccdcredteam\n- @1njecti0n\n- @ahhh\n- @emperorcow\n- @vyrus001\n- @kos\n- @davehughes\n- @maus\n- @javuto\n\n","funding_links":[],"categories":["\u003ca id=\"9eee96404f868f372a6cbc6769ccb7f8\"\u003e\u003c/a\u003e新添加的","\u003ca id=\"9eee96404f868f372a6cbc6769ccb7f8\"\u003e\u003c/a\u003e工具","Packers / Obfuscators","Go"],"sub_categories":["\u003ca id=\"31185b925d5152c7469b963809ceb22d\"\u003e\u003c/a\u003e新添加的"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgen0cide%2Fgscript","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgen0cide%2Fgscript","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgen0cide%2Fgscript/lists"}