Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2019/05/31 9:43 p.m.292 views

autoPwn - Automate Repetitive Tasks For Fuzzing

Warning Completely re-writing this right now. Focus will be on interactive Linux apps that only take input from stdin for starters. Attempting to use Shellphish's Driller and Fuzzer functionality. autoPwn in it's current state will do this in limited form. Simply run autoPwn ./binary then select...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2022/03/27 11:30 a.m.291 views

Nimcrypt2 - .NET, PE, And Raw Shellcode Packer/Loader Written In Nim

Nimcrypt2 is yet another PE packer/loader designed to bypass AV/EDR. It is an improvement on my original Nimcrypt project, with the main improvements being the use of direct syscalls and the ability to load regular PE files as well as raw shellcode. Before going any further, I must acknowledge...

7.9AI score
Exploits0References8
Kitploit
Kitploit
added 2021/01/17 11:30 a.m.291 views

MyJWT - A Cli For Cracking, Testing Vulnerabilities On Json Web Token (JWT)

This cli is for pentesters, CTF players, or dev. You can modify your jwt, sign, inject ,etc... Check Documentation for more information. If you see problems or enhancement send an issue.I will respond as soon as possible. Enjoy : Documentation Documentation is available at...

8.4AI score
Exploits0References21
Kitploit
Kitploit
added 2017/09/26 9:33 p.m.291 views

Exe2Image - A simple utility to convert EXE files to JPEG images and vice versa.

A simple utility to convert EXE files to PNG images and vice versa. Putty.exe converted to an image. Download Exe2Image...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2019/07/11 10:5 p.m.290 views

Findomain - A Cross-Platform Tool That Use Certificate Transparency Logs To Find Subdomains

A cross-platform tool that use Certificates Transparency logs to find subdomains. We currently support Linux, Windows and MacOS. How it works? It tool doesn't use the common methods for subdomains discover, the tool uses Certificate Transparency logs to find subdomains and it method make it tool...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2019/05/20 9:39 p.m.290 views

Hydra 9.0 - Fast and Flexible Network Login Hacker

Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. THIS TOOL IS FOR LEG...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2017/09/08 1:30 p.m.290 views

Vision2 - Nmap's XML result parse and NVD's CPE correlation to search CVE

Nmap's XML result parse and NVD's CPE correlation to search CVE. You can use that to find public vulnerabilities in services... Nmap\s XML result parser and NVD's CPE correlation to search CVE Example: python vision2.py -f resultscan.xml -l 3 -o txt Coded by Mthbernades and CoolerVoid -...

9.8CVSS9.1AI score0.67718EPSS
Exploits24References1
Kitploit
Kitploit
added 2016/01/22 10:30 p.m.290 views

Dnstwist - Domain Name Permutation Engine For Detecting Typo Squatting, Phishing And Corporate Espionage

See what sort of trouble users can get in trying to type your domain name. Find similar-looking domains that adversaries can use to attack you. Can detect typosquatters, phishing attacks, fraud and corporate espionage. Useful as an additional source of targeted threat intelligence. The idea is...

6.3AI score
Exploits0References2
Kitploit
Kitploit
added 2020/07/02 1:0 p.m.289 views

KITT-Lite - Python-Based Pentesting CLI Tool

The KITT Penetration Testing Framework was developed as an open source solution for pentesters and programmers alike to compile the tools they use with what they know into an open source project. With KITT, users are able to easily access a list of commonly used tools to their profession which ar...

7.8AI score
Exploits0References95
Kitploit
Kitploit
added 2019/12/06 7:50 p.m.289 views

RetDec - A Retargetable Machine-Code Decompiler Based On LLVM

RetDec is a retargetable machine-code decompiler based on LLVM. The decompiler is not limited to any particular target architecture, operating system, or executable file format: Supported file formats: ELF, PE, Mach-O, COFF, AR archive, Intel HEX, and raw machine code Supported architectures:...

6.6AI score
Exploits0References18
Kitploit
Kitploit
added 2019/05/17 8:37 p.m.289 views

Acunetix Vulnerability Scanner Now With Network Security Scans

User-friendly and competitively priced, Acunetix leads the market in automatic web security testing technology. Its industry-leading crawler fully supports HTML5, JavaScript, and AJAX-heavy websites, enabling the auditing of complex, authenticated applications. Acunetix provides the only technolo...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2020/03/24 11:30 a.m.287 views

XSS-LOADER - XSS Payload Generator / XSS Scanner / XSS Dork Finder

All in one tools for XSS PAYLOAD GENERATOR -XSS SCANNER-XSS DORK FINDER Written by Hulya Karabag Instagram: Hulya Karabag Screenshots !https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYc0ykLdiofQcYKiTnhngvBcuOZsgiRAE-IGKdEx2Bi5o8Ca2ymOKEzKKa528oN9OuQRTbNhfk9CwWasvo5bW9b-GPwWiqjWP4g8R...

7AI score
Exploits0References2
Kitploit
Kitploit
added 2019/09/07 2:31 a.m.287 views

Phishing-Simulation - Aims To Increase Phishing Awareness By Providing An Intuitive Tutorial And Customized Assessment

Phishing Simulation mainly aims to increase phishing awareness by providing an intuitive tutorial and customized assessment without any actual setup - no domain, no infrastructure, no actual email address to assess people's action on any given situation and gives ability to understand what is the...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2019/03/16 8:31 p.m.287 views

Hashboy-Tool - A Hash Query Tool

Hashboy was redeveloped onhash-buster Author:Leiothrix How to install $git clone https://github.com/sf197/hashboy-tool $cd hashboy-tool $python3 hashboy.py How to use $ python3 hashboy.py / / / / / / / / / / / / / / / / / / / / // / / / // / // / // / // //,/// //.//, / // Author:Leiothrix...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2016/02/03 9:42 p.m.287 views

AndroL4b - A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

AndroL4b is an android security virtual machine based on ubuntu Mate includes the collection of latest framework, tutorials and labs from different security geeks and researcher for reverse engineering and malware analysis. Tools APKStudio Cross-platform Qt5 based IDE for reverse-engineering...

7.5AI score
Exploits0References10
Kitploit
Kitploit
added 2021/11/16 8:30 p.m.286 views

Gotanda - Browser Web Extension For OSINT

Gotanda is OSINTOpen Source Intelligence Web Extension for Firefox/Chrome. This Web Extension could search OSINT information from some IOC in web page.IP,Domain,URL,SNS...etc This Repository partly the studying and JavaScript practice. Download link below. FireFox Chrome Usage Right click...

7AI score
Exploits0References2
Kitploit
Kitploit
added 2019/10/02 11:59 a.m.286 views

Lockdoor Framework - A Penetration Testing Framework With Cyber Security Resources

Lockdoor Framework : A Penetration Testing Framework With Cyber Security Resources. 09/2019 : 1.0Beta Information Gathring Tools 21 Web Hacking Tools15 Reverse Engineering Tools 15 Exploitation Tools 6 Pentesting & Security Assessment Findings Report Templates 6 Password Attack Tools 4 Shell Tool...

7.5AI score
Exploits0References98
Kitploit
Kitploit
added 2019/02/23 12:23 p.m.286 views

OSFClone - Open Source Utility To Create And Clone Forensic Disk Images

OSFClone is a free, self-booting solution which enables you to create or clone exact raw disk images quickly and independent of the installed operating system. In addition to raw disk images, OSFClone also supports imaging drives to the open Advance Forensics Format AFF , AFF is an open and...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2018/07/19 2:19 p.m.286 views

Seeker - Find GeoLocation With High Accuracy

Seeker utilizes HTML5, Javascript, JQuery and PHP to grab Device Information and GeoLocation with High Accuracy. Other tools and services offer IP Geolocation which is not very accurate and does not give location of user. Generally if a user accepts location permsission, Accuracy of the informati...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2021/06/09 9:30 p.m.285 views

SharpWebServer - HTTP And WebDAV Server With Net-NTLM Hashes Capture Functionality

A Red Team oriented simple HTTP & WebDAV server written in C with functionality to capture Net-NTLM hashes. To be used for serving payloads on compromised machines for lateral movement purposes. Requires .NET Framework 4.5 and System.Net and System.Net.Sockets references. Usage :: SharpWebServer ...

7.5AI score
Exploits0References2
Kitploit
Kitploit
added 2021/02/25 11:30 a.m.285 views

APT-Hunter - Threat Hunting Tool For Windows Event Logs Which Made By Purple Team Mindset To Provide Detect APT Movements Hidden In The Sea Of Windows Event Logs To Decrease The Time To Uncover Suspicious Activity

APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity . this tool will make a good use of the windows event logs collected and make sure...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2019/05/08 12:56 p.m.285 views

Cynet Free IR Tool Offering Empowers Responders to Know and Act Against Active Attacks

The saying that there are two types of organizations, those that have gotten breached and those who have but just don’t know it yet, has never been more relevant, making sound incident response a required capability in any organization’s security stack. To assist in this critical mission, Cynet i...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2018/09/13 8:47 p.m.285 views

VBScan 0.1.8 - Black Box vBulletin Vulnerability Scanner

OWASP VBScan short for VBulletin Vulnerability Scanner is an opensource project in perl programming language to detect VBulletin CMS vulnerabilities and analyses them . Why OWASP VBScan ? If you want to do a penetration test on a vBulletin Forum, OWASP VBScan is Your best shot ever! This Project ...

8.2AI score
Exploits0References1
Kitploit
Kitploit
added 2020/01/08 11:30 a.m.284 views

WAFW00F v2.0 - Allows One To Identify And Fingerprint Web Application Firewall (WAF) Products Protecting A Website

The Web Application FirewallFingerprinting Tool. — FromEnable Security How does it work? To do its magic, WAFW00F does the following: Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of potentially...

7.1AI score
Exploits0References7
Kitploit
Kitploit
added 2018/04/22 9:32 p.m.284 views

WHP - Microsoft Windows Hacking Pack

M$ Windows Hacking Pack =========== Tools here are from different sources. The repo is generally licensed with WTFPL, but some content may be not eg. sysinternals. "pes" means "PE Scambled". It's useful sometimes. Remote Exploits =========== Windows 2000 / XP SP1 MS05-039 Microsoft Plug and Play...

7.8CVSS7.8AI score0.29253EPSS
Exploits13References1
Kitploit
Kitploit
added 2021/03/21 11:30 a.m.283 views

Mole - A Framework For Identifying And Exploiting Out-Of-Band Application Vulnerabilities

A framework for identifying and exploiting out-of-band OOB vulnerabilities. Installation & Setup Mole Install Python = 3.6 virtualenv -p /usr/bin/python3 venv source venv/bin/activate ./venv/bin/pip3 install -r requirements.txt git submodule update --init --recursive Set an API key in config.yml...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2020/06/28 9:55 p.m.283 views

Xeexe - Undetectable And XOR Encrypting With Custom KEY (FUD Metasploit RAT)

Undetectable Reverse shell & Xor encrypting with custom KEYFUD Metasploit Rat bypass Top Antivirus like BitDefender,Malwarebytes,Avast,ESET-NOD32,AVG,...PYTHON 3 Undetectable Reverse shell Metasploit Rat Xeexe is an FUD exploiting tool which compiles a malware with famous payload, and then the...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2019/06/01 1:12 p.m.283 views

Finshir - A Coroutines-Driven Low And Slow Traffic Sender, Written In Rust

You are seeing a high-performant, coroutines-driven, and fully customisable implementation of Low & Slow load generator designed for real-world pentesting. You can easily torify/proxify it using various platform-dependent utilities. Demonstration Advantages Coroutines-driven. Finshir uses...

7.2AI score
Exploits0References9
Kitploit
Kitploit
added 2017/09/23 2:30 p.m.283 views

dnscat2 - Create an Encrypted Command & Control (C&C) Channel over the DNS Protocol

dnscat2 is a DNS tunnel that WON'T make you sick and kill you! This tool is designed to create an encrypted command-and-control C&C channel over the DNS protocol, which is an effective tunnel out of almost every network. This README file should contain everything you need to get up and running! I...

7.6AI score
Exploits0References5
Kitploit
Kitploit
added 2017/03/31 2:30 p.m.283 views

Exploit Database - The official Exploit Database Repository

The Exploit Database is an archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Its aim is to serve as the most comprehensive collection of exploits gathered through direct submissions, mailing lists, and other...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2022/11/23 11:30 a.m.282 views

Scrcpy - Display And Control Your Android Device

pronounced "scr een c opy " Read in another language This application provides display and control of Android devices connected via USB or over TCP/IP. It does not require any root access. It works on GNU/Linux , Windows and macOS. It focuses on: lightness : native, displays only the device scree...

7.7AI score
Exploits0References33
Kitploit
Kitploit
added 2021/02/22 11:30 a.m.282 views

Horusec - An Open Source Tool That Improves Identification Of Vulnerabilities In Your Project With Just One Command

Horusec is an open source tool that performs static code analysis to identify security flaws during the development process. Currently, the languages for analysis are: C, Java, Kotlin, Python, Ruby, Golang, Terraform, Javascript, Typescript, Kubernetes, PHP, C, HTML, JSON, Dart. The tool has...

7.4AI score
Exploits0References7
Kitploit
Kitploit
added 2020/03/05 12:30 p.m.282 views

Phonia Toolkit - One Of The Most Advanced Toolkits To Scan Phone Numbers Using Only Free Resources

Phonia Toolkit is one of the most advanced toolkits to scan phone numbers using only free resources. The goal is to first gather standard information such as country, area, carrier and line type on any international phone numbers with a very good accuracy. Getting started Phonia installation cd...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2019/08/24 1:0 p.m.282 views

LDAPDomainDump - Active Directory Information Dumper Via LDAP

Active Directory information dumper via LDAP Introduction In an Active Directory domain, a lot of interesting information can be retrieved via LDAP by any authenticated user or machine. This makes LDAP an interesting protocol for gathering information in the recon phase of a pentest of an interna...

6.9AI score
Exploits0References3
Kitploit
Kitploit
added 2019/02/15 8:27 p.m.282 views

Kaboom - Automatic Pentest

kaboom is a script that automates the penetration test. It performs several tasks for each phase of pentest: 1. Information gathering nmap-unicornscan TCP scan UDP scan 2. Vulnerability assessment nmap-nikto-dirb-searchsploit-msfconsole It tests several services: smb ssh snmp smtp ftp tftp ms-sql...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2015/11/16 9:36 a.m.282 views

PowerTools - Collection Of PowerShell Projects With A Focus On Offensive Operations

Veil's PowerTools are a collection of PowerShell projects with a focus on offensive operations. This collection contains five projects: PowerUp PowerBreach PowerPick PewPewPew PowerView PowerUp PowerUp is a powershell tool to assist with local privilege escalation on Windows systems. It contains...

7.9AI score
Exploits0References1
Kitploit
Kitploit
added 2021/10/19 11:30 a.m.281 views

Karma_V2 - A Passive Open Source Intelligence (OSINT) Automated Reconnaissance (Framework)

𝚔𝚊𝚛𝚖𝚊 𝚟𝟸 is a Passive Open Source Intelligence OSINT Automated Reconnaissance framework 𝚔𝚊𝚛𝚖𝚊 𝚟𝟸 can be used by Infosec Researchers, Penetration Testers, Bug Hunters to find deep information, more assets, WAF/CDN bypassed IPs, Internal/External Infra, Publicly exposed leaks and many more about...

7.2AI score
Exploits0References4
Kitploit
Kitploit
added 2021/06/03 9:30 p.m.281 views

Bn-Uefi-Helper - Helper Plugin For Analyzing UEFI Firmware

Helper plugin for analyzing UEFI firmware. This plugin contains the following features: Apply the correct prototype to the entry point function Fix segments so all segments are RWX and have the correct semantics This allows for global function pointers to be rendered correctly Apply types for cor...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2021/03/06 8:30 p.m.281 views

Chameleon - Customizable Honeypots For Monitoring Network Traffic, Bots Activities And Username\Password Credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres And MySQL)

Customizable honeypots for monitoring network traffic, bots activities and username\password credentials DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET and Postgres and MySQL Grafana Interface NMAP Scan Credentials Monitoring General Features Modular...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2019/12/24 11:30 a.m.280 views

AttackSurfaceMapper - A Tool That Aims To Automate The Reconnaissance Process

Attack Surface Mapper is a reconnaissance tool that uses a mixture of open source intellgence and active techniques to expand the attack surface of your target. You feed in a mixture of one or more domains, subdomains and IP addresses and it uses numerous techniques to find more targets. It...

7AI score
Exploits0References2
Kitploit
Kitploit
added 2018/09/05 1:7 p.m.280 views

Vulners Scanner - Vulnerability Scanner Based On Vulners.Com Audit API

PoC of a host-based vulnerability scanner, which uses vulners.com API. Detects operating system, collects installed packages and checks vulnerabilities in it. Supported OS Currently support collecting packages for these operating systems: Debian-based debian, kali, ubuntu Rhel-based redhat, cento...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2014/04/14 10:39 p.m.280 views

RouterPassView v1.53 - Recover lost password from router backup file

Most modern routers allow you to backup the configuration of the router into a file, and then restore the configuration from the file when it's needed. The backup file of the router usually contains important data like your ISP user name/password, the login password of the router, and wireless...

7.6AI score
Exploits0
Kitploit
Kitploit
added 2019/02/06 12:39 p.m.279 views

RedELK - Easy Deployable Tool For Red Teams Used For Tracking And Alarming About Blue Team Activities As Well As Better Usability In Long Term Operations

Red Team's SIEM - easy deployable tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability for the Red Team in long term operations. Initial public release at BruCON 2018: Video: https://www.youtube.com/watch?v=OjtftdPts4g Presentation slides:...

6.9AI score
Exploits0References2
Kitploit
Kitploit
added 2024/01/02 11:30 a.m.278 views

WiFi-password-stealer - Simple Windows And Linux Keystroke Injection Tool That Exfiltrates Stored WiFi Data (SSID And Password)

Have you ever watched a film where a hacker would plug-in, seemingly ordinary, USB drive into a victim's computer and steal data from it? - A proper wet dream for some. Disclaimer : All content in this project is intended for security research purpose only. Introduction During the summer of 2022,...

7.8AI score
Exploits0References22
Kitploit
Kitploit
added 2019/07/20 9:49 p.m.279 views

Git-Hound - Find Exposed Keys Across GitHub Using Code Search Keywords

A pattern-matching, batch-catching secret snatcher. This project is intended to be used for educational purposes. Git Hound makes it easy to find exposed API keys on GitHub using pattern matching, targetted querying, and a scoring system. Usage echo "tillsongalloway.com" | python git-hound.py or...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2019/03/29 12:12 p.m.278 views

WinPwn - Automation For Internal Windows Penetrationtest

In many past internal penetration tests I often had problems with the existing Powershell Recon / Exploitation scripts due to missing proxy support. For this reason I wrote my own script with automatic proxy recognition and integration. The script is mostly based on well-known large other offensi...

7.4AI score
Exploits0References14
Kitploit
Kitploit
added 2019/05/10 9:30 p.m.277 views

iCULeak - Tool To Find And Extract Credentials From Phone Configuration Files Hosted On Cisco CUCM

Tool to find and extract credentials from phone configuration files in environments managed by Cisco's CUCM Call Manager. When using Cisco's CUCM Call Manager, phone configuration files are stored on a TFTP server. These phone configuration files quite frequently contain sensitive data, including...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2019/03/19 8:38 p.m.277 views

Dnsdmpstr - Unofficial API & Client For Dnsdumpster.Com And Hackertarget.Com

Unofficial API & Client for DNS Dumpster and HackerTarget.com IP tools. https://dnsdumpster.com/ https://hackertarget.com/ip-tools/ Installation git clone https://github.com/zeropwn/dnsdmpstr cd dnsdmpstr pip3 install -r requirements.txt chmod +x ddump.py Usage As a command-line utility...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2019/03/08 8:11 p.m.277 views

Cat-Nip - Automated Basic Pentest Tool (Designed For Kali Linux)

Cat-Nip Automated BasicPentest Tool this tool will make your basic pentesting task like Information Gathering, Auditing, And Reporting so this tool will do every task fully automatic. Usage Guide Download / Clone Cat-Nip git clone https://github.com/baguswiratmaadi/catnip Go Inside Cat-Nip Dir cd...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2019/01/08 12:7 p.m.277 views

SQLMap v1.3 - Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...

8.5AI score
Exploits0References20
Total number of security vulnerabilities5000