therealwolf's Projects
It embeds the executable file or payload inside the jpg file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any distortion in the JPG file. The JPG file size and payload do not have to be proportional.The JPG file is displayed normally in any viewing application or web application. It can bypass various security programs such as firewall, antivirus. If the file is examined in detail, it is easier to detect than steganography methods. However, since the payload in the JPG file is encrypted, it cannot be easily decrypted. It also uses the "garbage code insertion/dead-code insertion" method to prevent the payload from being caught by the antivirus at runtime.
A next-generation crawling and spidering framework.
A kernel driver to practice writing exploits against, as well as some example exploits using public techniques.
Methods for attacking KeePass 2.X databases, including extracting of encryption key material from memory.
A tool for analyzing private (and public) key files, including support for Android APK files.
KeyLeak is a repository that shows quick wins for API keys leaked by the application.
Me, Myself & I
a series tutorial for linux exploit development to newbie.
A Course on Intermediate Level Linux Exploitation
A bunch of links related to Linux kernel fuzzing and exploitation
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
A practical guide to securing macOS.
MailKitPro is a simple yet powerful bash script designed to automate the setup of SMTP and DKIM on Linux servers.
Cobalt Strike - Malleable C2 Profiles. A collection of profiles used in different projects using Cobalt Strike https://www.cobaltstrike.com/.
Course materials for Modern Binary Exploitation by RPISEC
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
mx-takeover focuses DNS MX records and detects misconfigured MX records.
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
NucleiFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications
This contains notes and slides for my Objective by the Sea talk
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
Collections of Orange Tsai's public presentation slides.
OSCP Cheat Sheet
Offensive Security Certified Professional ( Preparation documentation )
A list of the resources I use as I get ready for the exam
Skills To Improve Before Heading to OSCP
Not mine just forked from a DMCA old repo from fritz user
Tools I've written for help with the Offensive Security Certified Professional coursework.