Lucene search
KitPloitKITPLOIT:2730308475904875028HistoryMar 12, 2020 - 11:30 a.m.
Pentest Tools Framework - A Database Of Exploits, Scanners And Tools For Penetration Testing
2020-03-1211:30:00
www.kitploit.com
378
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.975 High
EPSS
Percentile
100.0%
Pentest Tools Framework is a database of exploits, Scanners and tools for penetration testing. Pentest is a powerful framework includes a lot of tools for beginners. You can explore kernel vulnerabilities, network vulnerabilities.
NEWS Modules PTF UPDATE
> PTF OPtions
-------------------------------------------------------------------------------------
| Global Option |
-------------------------------------------------------------------------------------
| Command Description |
|-----------------------------------------------------------------------------------|
| show modules | Look this modules |
| show options | Show Current Options Of Selected Module |
| ipconfig | Network Informasion |
| shell | Execution Command Shell >[ctrl+C exit shell ] |
| use | Select Tipe Module For Use |
| set | Select Modules For Use |
| run | Excute modules |
| update | Update Pentest Framework |
| banner | PTF Banner |
| about | Informasion Tools |
| credits | Credits && Thanks |
| clear | Clean Pentest input/output |
| exit | Exit the progam |
-------------------------------------------------------------------------------------
> Modules
+-----------------------------------------------------------------------------------------------------------------------------------+
| EXPLOITS |
-------------------------------------------------------------------------------------------------------------------------------------
| COMMANDS Rank Description |
-------------------------------------------------------------------------------------------------------------------------------------
| exploit/abrt_privilege_escalation | normal | ABRT - sosreport Privilege Escalation |
| exploit/web_delivery | good | Script Web Delivery |
| exploit/apache | good | Apache exploit |
| exploit/shellshock | good | cgi-bin/vulnerable shellshock |
| exploit/davtest | good | Testing tool for webdav server |
| exploit/auto_sql | good | auto with sqlmap |
| exploit/ldap_buffer_overflow | normal | Apache module mod_rewrite LDAP protocol Buffer Overflow |
| exploit/vbulletin_rce | good | vBulletin 5.x 0day pre-quth RCE exploit |
| exploit/cmsms_showtime2_rce | normal | CMS Made Simple (CM SMS) Showtime2 File Upload RCE |
| exploit/awind_snmp_exec | good | AwindInc SNMP Service Command Injection |
| exploit/webmin_packageup_rce | excellent | Webmin Package Updates [Remote Command Execution](<https://www.kitploit.com/search/label/Remote%20Command%20Execution> "Remote Command Execution" ) |
| exploit/samsung_knox_smdm_url | good | Samsung Galaxy KNOX Android Browser RCE |
| exploit/cisco_dcnm_upload_2019 | excellent | Cisco Data Center Network Manager Unauthenticated [Remote Code Execution](<https://www.kitploit.com/search/label/Remote%20Code%20Execution> "Remote Code Execution" ) |
| exploit/zenworks_configuration | excellent | Novell ZENworks Configuration Ma nagement Arbitrary File Upload |
| exploit/cisco_ucs_rce | excellent | Cisco UCS Director Unauthenticated Remote Code Execution |
| exploit/sonicwall | normal | Sonicwall SRA <= v8.1.0.2-14sv remote exploit |
| exploit/bluekeep | good | cve 2019 0708 bluekeep rce |
| exploit/eternalblue | good | MS17-010 EternalBlue SMB Remote Windows Kernel Pool Corruption |
| exploit/inject_html | normal | Inject Html code in all visited webpage |
| exploit/robots | normal | robots.txt Detected |
| exploit/jenkins_script_console | good | Jenk ins-CI Script-Console Java Execution |
| exploit/php_thumb_shell_upload | good | php shell uploads |
| exploit/cpanel_bruteforce | normal | cpanel bruteforce |
| exploit/cms_rce | normal | CMS Made Simple 2.2.7 - (Authenticated) Remote Code Execution |
| exploit/joomla_com_hdflayer | manual | joomla exploit hdflayer |
| exploit/wp_symposium_shell_upload | good | symposium shell upload |
| exploit/joomla0day_com_myngallery | good | exploits com myngallery |
| exploit/jm_auto_change_pswd | normal | vulnerability |
| exploit/android_remote_access | expert | Remote Acces Administrator (RAT) |
| exploit/power_dos | manual | Denial Of Service |
| exploit/tp_link_dos | normal | TP_LINK DOS, 150M Wireless Lite N Router, Model No. TL-WR740N |
| exploit/joomla_com_foxcontact | high | joomla foxcontact |
| exploit/joomla_simple_shell | high | joomla simple shell |
| exploit/joomla_comfields_sqli_rce | high | Joomla Component Fields SQLi Remote Code Execution |
| exploit/inj ect_javascript | normal | Inject Javascript code in all visited webpage |
| exploit/dns_bruteforce | high | Dns Bruteforce with nmap |
| exploit/dos_attack | normal | hping3 dos attack |
| exploit/shakescreen | high | Shaking Web Browser content |
| exploit/bypass_waf | normal | bypass WAf |
| exploit/enumeration | high | simple enumeration |
| exploit/restrict_anonymous | normal | obtain credentials |< br/> | exploit/openssl_heartbleed | high | dump openssl_heartbleed |
| exploit/samba | good | Samba EXploits |
| exploit/smb | good | Albitary samba exploit |
| exploit/webview_addjavascriptinterface | good | Android Browser and WebView addJavascriptInterface Code Execution |
-------------------------------------------------------------------------------------------------------------------------------------
+------------------------------------------------------------------------------------------------------------------------------------+
| SCANNERS |
--------------------------------------------------------------------------------------------------------------------------------------
| COMMANDS Rank Description |
--------------------------------------------------------------------------------------------------------------------------------------
| scanner/enumiax | good | protocol username enumeration |
| scanner/wordpress_user_dislosure | normal | wordpress 5.3 User Disclosu re |
| scanner/botnet_scanning | normal | Bootnet Scanning, first need to find the botnet IP |
| scanner/check_ssl_certificate | normal | SSL Certificate |
| scanner/http_services | normal | Gather page titles from HTTP services |
| scanner/dnsrecon | normal | Record enumeration |
| scanner/sslscan | normal | SSL Scanner |
| scanner/ssl_cert | normal | Nmap script ssl-cert |
| scanner/dns_zone_transfer | normal | Dns Zone transfer |
| scanner/dns_bruteforce | normal | Dns Bruteforce |
| scanner/zone_walking | normal | Zone walking |
| scanner/web_services | normal | Get HTTP headers of web services |
| scanner/http_enum | normal | Find web apps from known paths |
| scanner/ddos_reflectors | normal | Scan for UDP DDOS reflectors |
| scanner/grabbing_detection | normal | Lighter banner grabbing detection |
| scanner/discovery | normal | Scan selected ports - ignore discovery |
| scanner/bluekeep | good | CVE-2019-0708 BlueKeep Microsoft Remote Desktop RCE Check |
| scanner/drupal_scan | good | drupal scanner |
| scanner/eternalblue | good | SMB RCE Detection |
| scanner/header | good | header Scanner with nmap |
| scanner/firewalk | good | firewalk |
| scanner/whois | high | whois |
| scanner/dmitry | good | [Information Gathering](<https://www.kitploit.com/search/label/Information%20Gathering> "Information Gathering" ) Tool |
| scanner/admin_finder | normal | Admin finder |
| scanner/heartbleed | normal | heartbleed scanner vulnerability |
| scanner/wordpress_scan | normal | wordpress scanner |
| scanner/ssl_scanning | good | SSL [Vulnerability Scanning](<https://www.kitploit.com/search/label/Vulnerability%20Scanning> "Vulnerability Scanning" ) |
| scanner/dns_bru teforce | normal | dns bruteforce |
| scanner/nmap_scanner | normal | port scanners nmap |
| scanner/https_discover | normal | https discover |
| scanner/smb_scanning | good | scan vulnerable SMB server |
| scanner/joomla_vulnerability_scanners | high | vulnerability |
| scanner/mysql_empty_password | good | mysql empty password Detected |
| scanner/joomla_scanners_v.2 | good | joomla scaning |
| scanner/joomla_scanners_v3 | normal | joomla scaning |
| scanner/jomscan_v4 | good | scan joomla |
| scanner/webdav_scan | normal | webdav scan vulnerable |
| scanner/joomla_sqli_scanners | high | [vulnerability scanners](<https://www.kitploit.com/search/label/Vulnerability%20Scanners> "vulnerability scanners" ) |
| scanner/lfi_scanners | good | lfi bug scan |
| scanner/port_scanners | manual | port scan |
| scanner/dir_search | high | directory webscan |
| scanner/dir_bruteforce | good | directory Scanning |
| scanner/wordpress_user_scan | good | get wordpress username |
| scanner/cms_war | high | FULL SCAN ALL WEBSITES |
| scanner/usr_pro_wordpress_auto_find | norma | find user vulnerability |
| scanner/nmap_vuln | normal | vulnerability Scanner |
| scanner/xss_scaner | normal | Detected vulnerabilit y xss |
| scanner/spaghetti | high | Web Application Security Scanner |
| scanner/dnslookup | normal | dnslookup scan |
| scanner/reverse_dns | normal | Reverse Dns Lookup |
| scanner/domain_map | normal | scanner domain map |
| scanner/dns_report | normal | dns report |
| scanner/find_shared_dns | normal | find shared dns |
| scanner/golismero | norm al | scan vulnerability with golismero |
| scanner/dns_propagation | low | dns propagation |
| scanner/find_records | normal | find records |
| scanner/cloud_flare | normal | cloud flare |
| scanner/extract_links | normal | links extract |
| scanner/web_robot | normal | web robots scanner |
| scanner/enumeration | normal | http-enumeration |
| scanner/ip_locator | good | ip Detected LOcator |
--------------------------------------------------------------------------------------------------------------------------------------
+----------------------------------------------------------------------------------------------------------+
| POST |
------------------------------------------------------------------------------------------------------------
| COMMANDS Rank Description |
------------------------------------------------------------------------------------------------------------
| post/enumeration | normal | http-enumeration |
| post/vbulletin | high | exploits |
| post/wordpress_user_scan | good | scanners |
| post/dir _search | high | scanners |
| post/cms_war | high | scanners |
| post/usr_pro_wordpress_auto_find | normal | scanners |
| post/android_remote_access | good | exploits |
| post/samba | good | exploits |
------------------------------------------------------------------------------------------------------------
+----------------------------------------------------------------------------------------------------------+
| PASSWORD |
------------------------------------------------------------------------------------------------------------
| COMMANDS Rank Description |
------------------------------------------------------------------------------------------------------------
| password/base64_decode | good | base64 decode |
| password/md5_decrypt | good | md5 decrypt |
| password/sha1_decrypt | good | sha1 decrypt |
| password/ sha256_decrypt | good | sha256 decrypt |
| password/sha384_decrypt | good | sha384 decrypt |
| password/sha512_decrypt | good | sha512 decrypt |
| password/ssh_bruteforce | good | ssh password bruteforce |
------------------------------------------------------------------------------------------------------------
+------------------------------------------------------------------------------------------------------------------------------------+
| LISTENERS MODULES |
--------------------------------------------------------------------------------------------------------------------------------------
| COMMANDS Rank Description |
--------------------------------------------------------------------------------------------------------------------------------------
| android_meterpreter_reverse_tcp | good | Android Meterpreter, Android Reverse TCP Stager |
| android_meterpreter_reverse_https | good | Android Meterpreter, Android Reverse HTTPS Stager |
| java_jsp_shell_reverse_tcp | good | Java JSP Command Shell, Reverse TCP Inline |
| linux_x64_meterpreter_reverse_https | good | linux/x64/meterpreter_reverse_https |
| linux_x64_meterpreter_reverse_tcp | good | Linux Meterpreter, Reverse TCP Inline |
| linux_x64_shell_reverse_tcp | good | Linux Command Shell, Reverse TCP Stager |
| osx_x64_meterpreter_reverse_https | good | OSX Meterpreter, Reverse HTTPS Inline |
| osx_x64_meterpreter_reverse_tcp | good | OSX Meterpreter, Reverse TCP Inline |
| php_meterpreter_reverse_tcp | good | PHP Meterpreter, PHP Reverse TCP Stager |
| python_meterpreter_reverse_https | good | Python Meterpreter Shell, Reverse HTTPS Inline |
| python_meterpreter_reverse_tcp | good | python/meterpreter_reverse_tcp |
| windows_x64_meterpreter_reverse_https | good | Windows Meterpreter Shell, Reverse HTTPS Inline (x64) |
| windows_x64_meterpreter_reverse_tcp | good | Windows Meterpreter Shell, Reverse TCP Inline x64 |
| cmd_windows_reverse_powershell | good | Windows Command Shell, Reverse TCP (via Powershell) |
+------------------------------------------------------------------------------------------------------------------------------------+
About Pentest Tools Framework
INFO: Pentest Tools Framework is a database of exploits, Scanners
and tools for penetration testing. Pentest is a powerful
framework includes a lot of tools for beginners. You can explore
kernel vulnerabilities, network vulnerabilities.
How to install PTF(Pentest Tools Framework)
> root@kali~# cd Pentest-Tools-Framework
> root@kali~# pip install -r requirements.txt
> root@kali~# python install.py
> root@kali~# PTF
INFO: After running install.py you should
select your backbox/kali linux /parrot Os , all computer OS,
About Pentest Tools Framework modules
> Exploits
INFO: A computer program, piece of code,
or sequence of commands that exploit vulnerabilities
in software and are used to carry out an attack on a
computer system. The purpose of the attack can be as a
seizure of control over the system, and the violation
of its functioning!
> Scanners
INFO: The program that scans the specified Internet resource,
archive or website. Also network scanners can scan open ports or
your local network and IPs!
Why Pentest Tools Framework?
> Pentest Tools Framework is a free software
INFO: This is a good platform
to start exploring vulnerabilities!
> Simple UX/UI interface for beginners
INFO: Pentest Tools Framework has simple UX/UI for beginners!
It is easy to understand and it will be easier
for you to master the Pentest Tools Framework.
> A lot of tools for beginners
INFO: Pentest Tools Framework has еру following modules
exploits - scanners - password
This is enough for beginners.
Related
githubexploit
githubexploit
Exploit for Use After Free in Microsoft
2019-05-29 05:51:07
Exploit for Use After Free in Microsoft
2021-06-19 21:55:57
Exploit for Use After Free in Microsoft
2019-05-23 13:54:24
prion
prion
Remote code execution
2019-05-16 19:29:00
qualysblog
qualysblog
Blue is a color we love but can’t Keep!
2019-12-20 16:00:59
BlueKeep Attacks Observed Months after Initial Release
2019-11-04 21:50:34
talosblog
talosblog
Threat Roundup for January 17 to January 24
2020-01-24 12:58:50
Threat Roundup for September 13 to September 20
2019-09-20 12:16:06
Threat Roundup for October 11 to October 18
2019-10-18 09:44:02
myhack58
myhack58
Windows re-aeration“WannaCry”level vulnerability CVE-2019-0708, cures XP, Win7-vulnerability warning-the black bar safety net
2019-05-15 00:00:00
msrc
msrc
Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)
2019-05-14 17:05:03
A Reminder to Update Your Systems to Prevent a Worm
2019-05-31 07:00:00
Prevent a worm by updating Remote Desktop Services (CVE-2019-0708)
2019-05-14 07:00:00
cisa
cisa
NSA Releases Advisory on BlueKeep Vulnerability
2019-06-04 00:00:00
canvas
canvas
Immunity Canvas: BLUEKEEP
2019-05-16 19:29:00
metasploit
metasploit
CVE-2019-0708 BlueKeep Microsoft Remote Desktop RCE Check
2019-06-03 21:54:33
CVE-2019-0708 BlueKeep RDP Remote Windows Kernel Use After Free
2019-09-19 11:05:08
threatpost
threatpost
Lemon Duck Cryptocurrency-Mining Botnet Activity Spikes
2020-10-13 20:41:52
BlueKeep Attacks Have Arrived, Are Initially Underwhelming
2019-11-04 11:24:08
Wormable BlueKeep Bug Still Threatens Legions of Windows Systems
2019-07-17 20:55:43
zdt
zdt
Microsoft RDP Remote Code Execution Exploit
2021-06-03 00:00:00
Microsoft Windows 7 (x86) - (BlueKeep) RDP Remote Windows Kernel Use After Free Exploit
2019-11-19 00:00:00
Microsoft Windows Remote Desktop - BlueKeep Denial of Service Exploit
2019-05-31 00:00:00
packetstorm
packetstorm
Microsoft Windows Remote Desktop BlueKeep Denial Of Service
2019-05-30 00:00:00
Microsoft Windows RDP BlueKeep Denial Of Service
2019-07-15 00:00:00
BlueKeep RDP Remote Windows Kernel Use-After-Free
2019-09-23 00:00:00
trellix
trellix
Understanding the Wormable RDP Vulnerability CVE-2019-0708
2019-05-21 00:00:00
Understanding the Wormable RDP Vulnerability CVE-2019-0708
2019-05-21 00:00:00
Securing Space 4.0 – One Small Step or a Giant Leap? - Part 1
2020-09-30 00:00:00
f5
f5
exploitpack
exploitpack
Microsoft Windows Remote Desktop - BlueKeep Denial of Service (Metasploit)
2019-07-15 00:00:00
mssecure
mssecure
Protect against BlueKeep
2019-08-08 16:00:57
Best practices for defending Azure Virtual Machines
2020-10-07 16:00:20
kitploit
kitploit
FATT - A Script For Extracting Network Metadata And Fingerprints From Pcap Files And Live Network Traffic
2019-10-07 21:13:00
Ispy - Eternalblue (MS17-010) / Bluekeep (CVE-2019-0708) Scanner And Exploit
2019-10-09 21:00:00
Rdpscan - A Quick Scanner For The CVE-2019-0708 "BlueKeep" Vulnerability
2019-06-19 12:32:00
thn
thn
New Brute-Force Botnet Targeting Over 1.5 Million RDP Servers Worldwide
2019-06-07 09:13:00
First Cyber Attack 'Mass Exploiting' BlueKeep RDP Flaw Spotted in the Wild
2019-11-03 11:02:00
Nearly 1 Million Computers Still Vulnerable to "Wormable" BlueKeep RDP Flaw
2019-05-28 12:08:00
nessus
nessus
openvas
openvas
symantec
symantec
huawei
huawei
ics
ics
Spacelabs Xhibit Telemetry Receiver (XTR)
2020-02-18 12:00:00
Microsoft Operating Systems BlueKeep Vulnerability
2019-06-17 12:00:00
cve
cve
CVE-2019-0708
2019-05-16 19:29:00
rapid7blog
rapid7blog
NICER Protocol Deep Dive: Internet Exposure of Remote Desktop (RDP)
2020-10-23 17:26:31
checkpoint_advisories
checkpoint_advisories
Microsoft Remote Desktop Services Remote Code Execution (CVE-2019-0708)
2019-05-19 00:00:00
attackerkb
attackerkb
Windows Remote Desktop (RDP) Use-after-free vulnerablility, "Bluekeep"
2019-05-16 00:00:00
CVE-2019-0708
2019-05-16 00:00:00
Insecure RDP
2020-10-09 00:00:00
carbonblack
carbonblack
cisa_kev
cisa_kev
Microsoft Remote Desktop Services Remote Code Execution Vulnerability
2021-11-03 00:00:00
mscve
mscve
Remote Desktop Services Remote Code Execution Vulnerability
2019-05-14 07:00:00
exploitdb
exploitdb
Microsoft Windows 7/2003/2008 RDP - Remote Code Execution
2019-05-22 00:00:00
malwarebytes
malwarebytes
Microsoft pushes patch to prevent ‘WannaCry level’ vulnerability
2019-05-15 16:57:16
krebs
krebs
Microsoft Patches ‘Wormable’ Flaw in Windows XP, 7 and Windows 2003
2019-05-14 17:11:34
fireeye
fireeye
trendmicroblog
trendmicroblog
This Week in Security News: Trickbots and Infected Containers
2019-05-31 13:05:27
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.975 High
EPSS
Percentile
100.0%
Related for KITPLOIT:2730308475904875028