Lucene search
K

812 matches found

Kitploit
Kitploit
added 2019/04/02 11:55 a.m.158 views

Osmedeus - Fully Automated Offensive Security Tool For Reconnaissance And Vulnerability Scanning

Osmedeus allow you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. How to use If you have no idea what are you doing just type the command below or check out the Advance Usage ./osmedeus.py -t example.com Installation git clone...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2019/03/28 8:40 p.m.107 views

Reconerator - C# Targeted Attack Reconnaissance Tools

This is a custom .NET assembly which will perform a number of situational awareness activities. There are a number of current featuresets: BASIC - Obtains information from the disk and registry. LDAP - Allows customised AD LDAP queries to be made. RESOLVEHOST - Performs DNS lookup queries...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2019/03/07 8:27 p.m.195 views

Chomp Scan - A Scripted Pipeline Of Tools To Streamline The Bug Bounty/Penetration Test Reconnaissance Phase

A scripted pipeline of tools to simplify the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs. Scope Chomp Scan is a Bash script that chains together the fastest and most effective tools in my opinion/experience for doing the long and sometimes tedious process o...

6.5AI score
Exploits0References6
Kitploit
Kitploit
added 2019/03/06 12:9 p.m.159 views

Legion - An Easy-To-Use, Super-Extensible And Semi-Automated Network Penetration Testing Tool That Aids In Discovery, Reconnaissance And Exploitation Of Information Systems

Legion, a fork of SECFORCE's Sparta, is an open source, easy-to-use, super-extensible and semi-automated network penetration testing framework that aids in discovery, reconnaissance and exploitation of information systems. Legion is developed and maintained by GoVanguard. More information about...

7.2AI score
Exploits0References1
ThreatPost
ThreatPost
added 2019/03/04 2:0 a.m.92 views

RSAC 2019: New Operation Sharpshooter Data Reveals Higher Complexity, Scope

SAN FRANCISCO – An insidious reconnaissance campaign discovered in 2018, dubbed Operation Sharpshooter, is much more widespread than previously thought, researchers said. Operation Sharpshooter was first disclosed in December 2018, using a never-before-seen implant framework to infiltrate global...

7.2AI score
Exploits0References4
Schneier on Security
Schneier on Security
added 2019/02/22 11:35 a.m.90 views

Gen. Nakasone on US Cyber Command

Really interesting article by and interview with Paul M. Nakasone Commander of US Cyber Command, Director of the National Security Agency, and Chief of the Central Security Service in the current issue of Joint Forces Quarterly. He talks about the evolving role of US Cyber Command, and its new...

0.8AI score
Exploits0
Kitploit
Kitploit
added 2019/02/04 12:43 p.m.259 views

Netsniff-Ng - A Swiss Army Knife For Your Daily Linux Network Plumbing

netsniff-ng is a free Linux networking toolkit, a Swiss army knife for your daily Linux network plumbing if you will. Its gain of performance is reached by zero-copy mechanisms, so that on packet reception and transmission the kernel does not need to copy packets from kernel space to user space a...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2019/01/30 12:49 p.m.249 views

Pown Recon - A Powerful Target Reconnaissance Framework Powered By Graph Theory

Pown Recon is a target reconnaissance framework powered by graph theory. The benefit of using graph theory instead of flat table representation is that it is easier to find the relationships between different types of information which comes quite handy in many situations. Graph theory algorithms...

6.8AI score
Exploits0References2
ThreatPost
ThreatPost
added 2019/01/24 10:3 p.m.292 views

Fighting Fire with Fire: API Automation Risks

Akamai research shows that 83 percent of all traffic on the web today are API calls JSON / XML. In many cases this fast growth can be attributed to the adoption and popularity of mobile devices and the mobile app ecosystem, as well as the abuse by threat actors using bots to automate their manual...

Exploits0References6
Vulnrichment
Vulnrichment
added 2019/01/24 3:0 p.m.8 views

CVE-2019-1645 Cisco Connected Mobile Experiences Information Disclosure Vulnerability

A vulnerability in the Cisco Connected Mobile Experiences CMX software could allow an unauthenticated, adjacent attacker to access sensitive data on an affected device. The vulnerability is due to a lack of input and validation checking mechanisms for certain GET requests to API's on an affected...

4.3CVSS6.5AI score0.00519EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2019/01/24 2:11 p.m.176 views

Bit-and-Piece DDoS Method Emerges to Torment ISPs

A pioneering distributed denial-of-service DDoS attack pattern has emerged, targeting internet service providers ISPs with something researchers have dubbed the bit-and-piece “Mongol” attack. The approach involves spreading out junk traffic across large numbers of IP addresses in order to evade...

0.5AI score
Exploits0References2
Cisco
Cisco
added 2019/01/23 4:0 p.m.96 views

Cisco Connected Mobile Experiences Information Disclosure Vulnerability

A vulnerability in the Cisco Connected Mobile Experiences CMX software could allow an unauthenticated, adjacent attacker to access sensitive data on an affected device. The vulnerability is due to a lack of input and validation checking mechanisms for certain GET requests to API's on an affected...

4.3CVSS1.6AI score0.00519EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2019/01/20 12:0 a.m.131 views

Adminer < 4.7.8 SSRF Vulnerability - Windows

Adminer is prone to a server-side request forgery SSRF vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS9.4AI score0.04603EPSS
Exploits1References8
Kitploit
Kitploit
added 2018/12/17 12:12 p.m.51 views

R3Con1Z3R - A Lightweight Web Information Gathering Tool With An Intuitive Features (OSINT)

R3con1z3r is a lightweight Web information gathering tool with an intuitive features written in python. it provides a powerful environment in which open source intelligence OSINT web-based footprinting can be conducted quickly and thoroughly. Footprinting is the first phase of ethical hacking, it...

6.9AI score
Exploits0References1
ThreatPost
ThreatPost
added 2018/12/12 3:22 p.m.10 views

Operation Sharpshooter Takes Aim at Global Critical Assets

Researchers have detected a widespread reconnaissance campaign using a never-before-seen implant framework to infiltrate global defense and critical infrastructure players — including nuclear, defense, energy and financial companies. The campaign, dubbed Operation Sharpshooter, began Oct. 25 when...

Exploits0References5
Kitploit
Kitploit
added 2018/12/12 11:38 a.m.135 views

SpiderFoot - The Most Complete OSINT Collection And Reconnaissance Tool

SpiderFoot is an open source intelligence OSINT automation tool. Its goal is to automate the process of gathering intelligence about a given target, which may be an IP address, domain name, hostname, network subnet, ASN or person's name. SpiderFoot can be used offensively, i.e. as part of a...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2018/11/27 12:37 p.m.79 views

TIDoS-Framework v1.7 - The Offensive Manual Web Application Penetration Testing Framework

TIDoS Framework is a comprehensive web-app audit framework. let's keep this simple Highlights :- The main highlights of this framework is: TIDoS Framework now boasts of a century+ of modules. A complete versatile framework to cover up everything from Reconnaissance to Vulnerability Analysis. Has ...

7.8AI score
Exploits0References1
n0where
n0where
added 2018/11/21 12:32 a.m.124 views

Network and Web Pentest Framework: Jok3r

Jok3r is a Python3 CLI application which is aimed at helping penetration testers for network infrastructure and web black-box security tests. Its main goal is to save time on everything that can be automated during network/web pentest in order to enjoy more time on more interesting and challengin...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2018/11/15 12:47 p.m.63 views

Osmedeus - Automatic Reconnaisance And Scanning In Penetration Testing

Automatic Reconnaisance and Scanning in Penetration Testing What is Osmedeus? Osmedeus allow you to doing boring stuff in Pentesting automatically like reconnaissance and scanning the target by run the collection of awesome tools. Installation git clone https://github.com/j3ssie/Osmedeus cd...

7.2AI score
Exploits0References14
Kitploit
Kitploit
added 2018/11/09 1:9 p.m.739 views

SMWYG-Show-Me-What-You-Got - Tool To Search 1.4 Billion Clear Text Credentials Which Was Dumped As Part Of BreachCompilation Leak

This tool allows you to perform OSINT and reconnaissance on an organisation or an individual. It allows one to search 1.4 Billion clear text credentials which was dumped as part of BreachCompilation leak. This database makes finding passwords faster and easier than ever before. Screenshot Above...

7.5AI score
Exploits0References1
Rows per page
Query Builder