therealwolf's Projects
Some Reverse Engineering Tutorials for Beginners
ScareCrow - Payload creation framework designed around EDR bypass.
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
Extracting api keys and secrets by requesting each url at the your list.
Collection of the most common vulnerabilities found in iOS applications
Security Links That i gathered Along the way
The Shadow Brokers "Lost In Translation" leak
Weaponized HellsGate/SigFlip
Simplified MITRE Use Cases, it describes the Attack and Detection
Starkiller is a Frontend for PowerShell Empire.
Hostile Subdomain Takeover tool written in Go
Techniques For Network Ports
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
Nuclei templates
Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software
several list of simple and obfuscate PHP shell
A lightweight dynamic instrumentation library
Tools of "The Bug Hunters Methodology V2 by @jhaddix"
Training materials crafted and publicly provided by Red Naga members
This repository is to make life of the pentester easy as it is a collection of the websites that can be used by pentesters for day to day studies and to remain updated.
Vulnerable driver research tool, result and exploit PoCs
A script to enumerate virtual hosts on a server.
cve-2019-11931
A fork of AFL for fuzzing Windows binaries
My personal cheat sheet for using WinDbg for kernel debugging
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!