therealwolf's repositories
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
bruteforce-lists
Some files for bruteforcing certain things.
JPGtoMalware
It embeds the executable file or payload inside the jpg file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any distortion in the JPG file. The JPG file size and payload do not have to be proportional.The JPG file is displayed normally in any viewing application or web application. It can bypass various security programs such as firewall, antivirus. If the file is examined in detail, it is easier to detect than steganography methods. However, since the payload in the JPG file is encrypted, it cannot be easily decrypted. It also uses the "garbage code insertion/dead-code insertion" method to prevent the payload from being caught by the antivirus at runtime.
WindowsExploitationResources
Resources for Windows exploit development
403-SC-Bypasser
An easy-to-use script for bypassing 403 status codes.
AMSITrigger
The Hunt for Malicious Strings
awesome-bugbounty-builder
Awesome Bug bounty builder Project
Awesome-WAF
🔥 Web-application firewalls (WAFs) from security standpoint.
C2concealer
C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike.
CVE-2022-25636
CVE-2022-25636 - Linux 5.13 Privilege Escalation
emba
emba - An analyzer for Linux-based firmware of embedded devices.
gospider
Gospider - Fast web spider written in Go
Inveigh
.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
JNDI-Exploit-Kit
JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection)
Malleable-C2-Profiles
Cobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike https://www.cobaltstrike.com/.
OSEP-Code-Snippets
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
OSWE
OSWE Preparation
PoC
Proofs-of-concept
ReconHunter
Red Team Mind Map
TFNP
Techniques For Network Ports
the-nuclei-templates
Nuclei templates
Tiny-PHP-Webshell
several list of simple and obfuscate PHP shell
windbg-cheat-sheet
My personal cheat sheet for using WinDbg for kernel debugging
Windows-Post-Exploitation
Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!
WindowsOldExploits
Awesome tools to exploit Windows !