Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2018/10/20 12:25 p.m.317 views

Munin - Online Hash Checker For Virustotal And Other Services

Munin is a online hash checker utility that retrieves valuable information from various online sources The current version of Munin queries the following services: Virustotal Malshare HybridAnalysis Note: Munin is based on the script "VT-Checker", which has been maintained in the LOKI repository...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2022/02/25 11:30 a.m.316 views

JNDI-Injection-Exploit - A Tool Which Generates JNDI Links Can Start Several Servers To Exploit JNDI Injection Vulnerability

JNDI-Injection-Exploit is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP server. RMI server and LDAP server are based on marshals and modified further to link with HTTP server. Using this tool allows you get JNDI links, you ca...

7.3AI score
Exploits0References6
Kitploit
Kitploit
added 2021/11/03 11:30 a.m.315 views

HandleKatz - PIC Lsass Dumper Using Cloned Handles

This tool was implemented as part of our Brucon2021 conference talk and demonstrates the usage of cloned handles to Lsass in order to create an obfuscated memory dump of the same. It compiles down to an executable living fully in its text segment. Thus, the extracted .text segment of the PE file ...

7.3AI score
Exploits0References6
Kitploit
Kitploit
added 2021/02/20 11:30 a.m.315 views

DirDar - A Tool That Searches For (403-Forbidden) Directories To Break It And Get Dir Listing On It

bypass forbidden directories - find and identify dir listing - you can use it as directory brute-forcer as well Compatabily This tool is compatible with all kind of operating systems as long as you have GO compiler installed Install You can use this command if you have Go installed and configured...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2020/04/25 9:30 p.m.315 views

Pwned - Simple CLI Script To Check If You Have A Password That Has Been Compromised In A Data Breach

Pwned is a simple command-line python script to check if you have a password that has been compromised in a data breach. This script uses haveibeenpwned API to check whether your passwords were leaked during one of the many breaches of online services. This API uses k-Anonymity model that allows ...

7AI score
Exploits0References2
Kitploit
Kitploit
added 2019/11/22 12:11 p.m.315 views

FireProx - AWS API Gateway Management Tool For Creating On The Fly HTTP Pass-Through Proxies For Unique IP Rotation

Being able to hide or continually rotate the source IP address when making web calls can be difficult or expensive. A number of tools have existed for some time but they were either limited with the number of IP addresses, were expensive, or required deployment of lots of VPS's. FireProx leverage...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2019/01/22 12:27 p.m.315 views

Conpot - An Open Industrial Control Honeypot

Conpot is an ICS honeypot with the goal to collect intelligence about the motives and methods of adversaries targeting industrial control systems Documentation The build of the documentations source can be found here. There you will also find the instructions on how to install conpot and the FAQ...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2021/05/14 9:30 p.m.314 views

Mubeng - An Incredibly Fast Proxy Checker And IP Rotator With Ease

An incredibly fast proxy checker & IP rotator with ease. Features Proxy IP rotator : Rotates your IP address for every specific request. Proxy checker : Check your proxy IP which is still alive. All HTTP/S methods are supported. HTTP & SOCKSv5 proxy protocols apply. All parameters & URIs are...

7.2AI score
Exploits0References8
Kitploit
Kitploit
added 2019/09/10 8:33 p.m.314 views

Botb - A Container Analysis And Exploitation Tool For Pentesters And Engineers

BOtB is a container analysis and exploitation tool designed to be used by pentesters and engineers while also being CI/CD friendly with common CI/CD technologies. What does it do? BOtB is a CLI tool which allows you to: Exploit common container vulnerabilities Perform common container post...

8.6CVSS8.2AI score0.9857EPSS
Exploits34References9
Kitploit
Kitploit
added 2014/06/19 9:50 p.m.314 views

HackPorts - Mac OS X Penetration Testing Framework and Tools

HackPorts was developed as a penetration testing framework with accompanying tools and exploits that run natively on Mac platforms. HackPorts is a ‘super-project’ that leverages existing code porting efforts, security professionals can now use hundreds of penetration tools on Mac systems without...

7.6AI score
Exploits0
Kitploit
Kitploit
added 2019/07/30 10:0 p.m.313 views

WDExtract - Extract Windows Defender Database From Vdm Files And Unpack It

ExtractWindows Defender database from vdm files and unpack it This program distributed as-is, without any warranty; No official support, if you like this tool, feel free to contribute. Features Unpack VDM containers of Windows Defender/Microsoft Security Essentials; Decrypt VDM container embedded...

7.5AI score
Exploits0References10
Kitploit
Kitploit
added 2019/03/01 8:6 p.m.314 views

Imago Forensics - Imago Is A Python Tool That Extract Digital Evidences From Images

Imago is a python tool that extract digital evidences from images recursively. This tool is useful throughout a digital forensic investigation. If you need to extract digital evidences and you have a lot of images, through this tool you will be able to compare them easily. Imago allows to extract...

6.9AI score
Exploits0References3
Kitploit
Kitploit
added 2020/04/07 12:0 p.m.311 views

Git-Hound v1.1 - GitHound Pinpoints Exposed API Keys On GitHub Using Pattern Matching, Commit History Searching, And A Unique Result Scoring System

A batch-catching, pattern-matching, patch-attacking secret snatcher. GitHound pinpoints exposed API keys and other sensitive information on GitHub using pattern matching, commit history searching, and a unique result scoring system. GitHound has earned me over $7500 applied to Bug Bounty research...

7.4AI score
Exploits0References5
Kitploit
Kitploit
added 2019/03/23 12:5 p.m.311 views

Lynis 2.7.3 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

6.8AI score
Exploits0
Kitploit
Kitploit
added 2017/10/25 1:12 p.m.311 views

Reptile - LKM Linux Rootkit

Reptile is a LKM rootkit for evil purposes. If you are searching stuff only for study purposes, see the demonstration codes. Features Give root to unprivileged users Hide files and directories Hide files contents Hide processes Hide himself Boot persistence Heaven's door - A ICMP/UDP port-knockin...

7.3AI score
Exploits0References5
Kitploit
Kitploit
added 2019/09/05 1:0 p.m.310 views

EMAGNET - Tool For Find Leaked Databases With 97.1% Accurate To Grab Mail + Password Together From Pastebin Leaks

Emagnet is a very powerful tool for it's purpose wich is to capture email addresses and passwords from leaked databases uploaded on pastebin. It's almost impossible to find leaked passwords when they are out of list on pastebin.com. Either they have been deleted by pastebin's techs or the uploads...

6.9AI score
Exploits0References10
Kitploit
Kitploit
added 2021/07/29 12:30 p.m.309 views

Radare2 - UNIX-like Reverse Engineering Framework And Command-Line Toolset

r2 is a rewrite from scratch of radare. It provies a set of libraries, tools and plugins to ease reverse engineering tasks. The radare project started as a simple command-line hexadecimal editor focused on forensics, over time more features were added to support a scriptable command-line low leve...

7.2AI score
Exploits0References13
Kitploit
Kitploit
added 2019/01/22 9:12 p.m.309 views

Beebug - A Tool For Checking Exploitability

beebug is a tool that can be used to verify if a program crash could be exploitable. This tool was presented the first time at r2con 2018 in Barcelona. Some implemented functionality are: Stack overflow on libc Crash on Program Counter Crash on branch Crash on write memory Heap vulnerabilities Re...

7.5AI score
Exploits0References3
Kitploit
Kitploit
added 2024/06/06 12:30 p.m.308 views

Thief Raccoon - Login Phishing Tool

Thief Raccoon is a tool designed for educational purposes to demonstrate how phishing attacks can be conducted on various operating systems. This tool is intended to raise awareness about cybersecurity threats and help users understand the importance of security measures like 2FA and password...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2019/05/04 12:53 p.m.308 views

Kerbrute - A Tool To Perform Kerberos Pre-Auth Bruteforcing

A tool to quickly bruteforce and enumerate valid Active Directory accounts through Kerberos Pre-Authentication Grab the latest binaries from the releases page to get started. Background This tool grew out of some bash scripts I wrote a few years ago to perform bruteforcing using the Heimdal...

7.5AI score
Exploits0References5
Kitploit
Kitploit
added 2019/07/14 10:11 p.m.307 views

PasteHunter - Scanning Pastebin With Yara Rules

PasteHunter is a python3 application that is designed to query a collection of sites that host publicly pasted data. For all the pasts it finds it scans the raw contents against a series of Yara rules looking for information that can be used by an organisation or a researcher. For setup...

7AI score
Exploits0References2
Kitploit
Kitploit
added 2019/05/21 1:5 p.m.307 views

XSSCon - Simple XSS Scanner Tool

Powerfull Simple XSS Scanner made with python 3.7 Installing Requirements: BeautifulSoup4 pip install bs4 requests pip install requests python 3.7 Commands: git clone https://github.com/menkrep1337/XSSCon cd XSSCon python3 xsscon.py --help Usage Basic usage: python3 xsscon.py -u...

6.5AI score
Exploits0References1
Kitploit
Kitploit
added 2017/09/27 9:12 p.m.307 views

PowerShdll - Run PowerShell with rundll32 (Bypass software restrictions)

Run PowerShell with dlls only. Does not require access to powershell.exe as it uses powershell automation dlls. dll mode: Usage: rundll32 PowerShdll,main rundll32 PowerShdll,main -f Run the script passed as argument rundll32 PowerShdll,main -w Start an interactive console in a new window rundll32...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2019/05/11 10:3 p.m.306 views

PAnalizer - Pornography Analizer And Face Searching

PAnalizer is a forensic tool, you can search pornographic images in a specific directory, this is util in Pedestrian Detection. Also, you can search a specific person in the image set, is necessary give to the application a few pictures of the person of interest. Download PAnalizer...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2019/07/03 10:22 p.m.305 views

Hash-Identifier - Software To Identify The Different Types Of Hashes Used To Encrypt Data And Especially Passwords

Software to identify the different types of hashes used to encrypt data and especially passwords. Encryption formats supported: ADLER-32 CRC-32 CRC-32B CRC-16 CRC-16-CCITT DESUnix FCS-16 GHash-32-3 GHash-32-5 GOST R 34.11-94 Haval-160 Haval-192 110080 ,Haval-224 114080 ,Haval-256 Lineage II C4...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2020/07/22 9:30 p.m.304 views

Lazybee - Wordlist Generator Tool for Termux

Lazybee tool is a python based script from which you can generate random wordlist for brutefocre attacks. This tool has a unique features like wordlist generating time calculation and direct .txt saving in current directory. This tool works on both rooted Android device and Non-rooted Android...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2019/05/31 1:7 p.m.304 views

Metabigor - Command Line Search Engines Without Any API Key

Command line Search Engine without any API key. What is Metabigor? Metabigor allows you do query from command line to awesome Search Engines like Shodan, Censys, Fofa, etc without any API key. But Why Metabigor? Don't use your API key so you don't have to worry about litmit of API quotation. Do...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2019/01/21 12:46 p.m.304 views

Malice - VirusTotal Wanna Be (Now With 100% More Hipster)

Malice's mission is to be a free open source version of VirusTotal that anyone can use at any scale from an independent researcher to a fortune 500 company. Try It Out DEMO: demo.malice.io username : malice password : ecilam Requirements Hardware 16GB disk space 4GB RAM Software Docker Getting...

7.3AI score
Exploits0References7
Kitploit
Kitploit
added 2018/11/21 9:56 p.m.304 views

Shellver - Reverse Shell Cheat Sheet Tool

Reverse Shell Cheat Sheet Tool Install Note Clone the repository: git clone https://github.com/0xR0/shellver.git Then go inside: cd shellver/ Then install it: python setup.py -i run shellver -h or "shellver bash or perl python php ruby netcat xterm shell all".format or Example shellver python...

7AI score
Exploits0References4
Kitploit
Kitploit
added 2018/03/08 1:24 p.m.304 views

Python-Rootkit - Python Remote Administration Tool (RAT) To Gain Meterpreter Session

This is a full undetectable python RAT which can bypass almost all antivirus and open a backdoor inside any windows machine which will establish a reverse httpsMetasploit connection to your listening machine. ViRu5 life cycle Bypass all anti-virus. Inject a malicious powershell script into memory...

7.6AI score
Exploits0References1
Kitploit
Kitploit
added 2019/06/15 10:12 p.m.302 views

Seccubus - Easy Automated Vulnerability Scanning, Reporting And Analysis

Seccubus automates regular vulnerability scans with various tools and aids security people in the fast analysis of its output, both on the first scan and on repeated scans. On repeated scan delta reporting ensures that findings only need to be judged when they first appear in the scan results or...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2019/06/15 1:26 p.m.302 views

Getwin - FUD Win32 Payload Generator And Listener

FUD Win32 payload generator and listener Legal disclaimer: Usage of GetWin for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse ...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2019/05/10 12:42 p.m.302 views

ReconT - Reconnaisance / Footprinting / Information Disclosure

Recon-Tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from. Features Information Security Headers WAF Detector Banner Grabbing Phone Number Credit Card Number Email US Social Security Number Url Crawl Dom Paramter Url Internal Dynamic...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2016/02/17 2:45 a.m.302 views

NoSQLMap v0.6 - Automated NoSQL Database Pwnage

NoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases, as well as web applications using NoSQL in order to disclose data from the database. It is named as a tribute to Bernardo Damele and...

8.7AI score
Exploits0References3
Kitploit
Kitploit
added 2021/03/17 11:30 a.m.300 views

Lazy-RDP - Script For AutomRDPatic Scanning And Brute-Force

Script For AutomRDPatic Scanning And Brute-Force. Demo Video: Lazy-RDP over SSH: Script for automatic scanning of the address list for the presence of open 3389 ports, and then selecting the method and starting busting pair login / password. The script is tuned for Kali linux 2.0, Kali linux 2016...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2019/07/27 1:7 p.m.299 views

Orbit v2.0 - Blockchain Transactions Investigation Tool

Introduction Orbit is designed to explore network of a blockchain wallet by recursively crawling through transaction history. The data is rendered as a graph to reveal major sources, sinks and suspicious connections. Note: Orbit only runs on Python 3.2 and above. Usage Let's start by crawling...

6.9AI score
Exploits0References2
Kitploit
Kitploit
added 2019/12/03 9:0 p.m.298 views

aSYNcrone - A SYN Flood DDoS Tool

aSYNcrone is a C language based, mulltifunction SYN Flood DDoS Weapon. Disable the destination system by sending a SYN packet intensively to the destination. aSYNcrone's POWER!!! USAGE git clone https://github.com/fatih4842/aSYNcrone.git cd aSYNcrone gcc aSYNcrone.c -o aSYNcrone -lpthread...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2019/04/12 1:7 p.m.298 views

XSStrike v3.1.4 - Most Advanced XSS Detection Suite

XSStrike is a Cross Site Scripting detection suite equipped with four hand written parsers, an intelligent payload generator, a powerful fuzzing engine and an incredibly fast crawler. Instead of injecting payloads and checking it works like all the other tools do, XSStrike analyses the response...

6.2AI score
Exploits0References14
Kitploit
Kitploit
added 2014/10/20 6:39 p.m.298 views

BlackArch Linux v2014.10.07 - Lightweight expansion to Arch Linux for pentesters and security researchers

BlackArch Linux ISOs including more than 1000 tools and lot's of improvements. Also, armv6h and armv7h repositories are filled with more than 1050 tools. A short ChangeLog: - tool fix: beef - fixed pam issues - added services and login.defs file - removed kde/openbox and i3-debug menu items...

8.1AI score
Exploits0References221
Kitploit
Kitploit
added 2019/12/13 9:28 p.m.297 views

Dsiem - Security Event Correlation Engine For ELK Stack

Dsiem is a security event correlation engine for ELK stack, allowing the platform to be used as a dedicated and full-featured SIEM system. Dsiem provides OSSIM-style correlation for normalized logs/events, perform lookup/query to threat intelligence and vulnerability information sources, and...

6.8AI score
Exploits0References7
Kitploit
Kitploit
added 2015/10/01 9:47 a.m.297 views

Heartbleed Vulnerability Scanner - Network Scanner for OpenSSL Memory Leak (CVE-2014-0160)

Heartbleed Vulnerability Scanner is a multiprotocol HTTP, IMAP, SMTP, POP CVE-2014-0160 scanning and automatic exploitation tool written with python. For scanning wide ranges automatically, you can provide a network range in CIDR notation and an output file to dump the memory of vulnerable system...

7.5CVSS7.8AI score0.99999EPSS
Exploits88References1
Kitploit
Kitploit
added 2024/03/07 11:30 a.m.295 views

WinFiHack - A Windows Wifi Brute Forcing Utility Which Is An Extremely Old Method But Still Works Without The Requirement Of External Dependencies

WinFiHack is a recreational attempt by me to rewrite my previous project Brute-Hacking-Framework's main wifi hacking script that uses netsh and native Windows scripts to create a wifi bruteforcer. This is in no way a fast script nor a superior way of doing the same hack but it needs no external...

7.4AI score
Exploits0References2
Kitploit
Kitploit
added 2020/12/26 8:30 p.m.295 views

Social-Analyzer - API And Web App For Analyzing And Finding A Person Profile Across +300 Social Media Websites (Detections Are Updated Regularly)

An API for analyzing & finding a person profile across +300 social media websites. It includes different string analysis and detection modules, you can choose which combination of modules to use during the investigation. The detection modules utilize a rating mechanism based on different detectio...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2019/06/01 9:49 p.m.295 views

Facebash - Facebook Brute Forcer In Shellscript Using TOR

Facebook Brute Forcer in shellscript using TOR IG: @thelinuxchoice Legal disclaimer: Usage of Facebash for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2018/01/07 1:13 p.m.295 views

fuxploider - File Upload Vulnerability Scanner And Exploitation Tool

fuxploider is an open source penetration testing tool that automates the process of detecting and exploiting file upload forms flaws. This tool is able to detect the file types allowed to be uploaded and is able to detect which technique will work best to upload web shells or any malicious file o...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2024/01/17 11:30 a.m.294 views

pyGPOAbuse - Partial Python Implementation Of SharpGPOAbuse

Python partial implementation of SharpGPOAbuse by@pkb1s This tool can be used when a controlled account can modify an existing GPO that applies to one or more users & computers. It will create an immediate scheduled task as SYSTEM on the remote computer for computer GPO, or as logged in user for...

7.3AI score
Exploits0References4
Kitploit
Kitploit
added 2021/05/22 12:30 p.m.294 views

GraphQLmap - A Scripting Engine To Interact With A Graphql Endpoint For Pentesting Purposes

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. Install $ git clone https://github.com/swisskyrepo/GraphQLmap $ python graphqlmap.py / | | | / | | | | | | | | | | | | | | | '/ | ' | ' | | | | | | ' \ / | ' \ | || | | | | | | | | | | || | || | | | | |...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2019/08/17 9:47 p.m.293 views

Dow Jones Hammer - Protect The Cloud With The Power Of The cloud(AWS)

Dow Jones Hammer is a multi-account cloud security tool for AWS. It identifies misconfigurations and insecure data exposures within most popular AWS resources, across all regions and accounts. It has near real-time reporting capabilities e.g. JIRA, Slack to provide quick feedback to engineers and...

7.3AI score
Exploits0References18
Kitploit
Kitploit
added 2019/05/17 12:55 p.m.293 views

Project iKy - Tool That Collects Information From An Email And Shows Results In A Nice Visual Interface

Project iKy is a tool that collects information from an email and shows results in a nice visual interface. Visit the Gitlab Page of the Project Project First of all we want to advice you that we have changed the Frontend from AngularJS to Angular 7. For this reason we left the project with...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2021/06/11 9:30 p.m.292 views

Interactsh - An OOB Interaction Gathering Server And Client Library

Interactsh is an Open-Source Solution for Out of band Data Extraction, A tool designed to detect bugs that cause external interactions, For example - Blind SQLi, Blind CMDi, SSRF, etc. Features DNS/HTTP/SMTP Interaction support CLI Client / Web Dashboard support AES encryption with zero logging...

7.4AI score
Exploits0References1
Total number of security vulnerabilities5000