Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2019/06/20 10:22 p.m.243 views

URLextractor - Information Gathering and Website Reconnaissance

Informationgathering & website reconnaissance Usage: ./extractor http://www.hackthissite.org/ Tips: Colorex: put colors to the ouput pip install colorex and use it like ./extractor http://www.hackthissite.org/ | colorex -g "INFO" -r "ALERT" Tldextract: is used by dnsenumeration function pip insta...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2019/04/13 9:49 p.m.243 views

0D1N v2.6 - Web Security Tool To Make Fuzzing At HTTP/S

0d1n is a tool for automating customized attacks against web applications. You can do: Brute force login and passwords in auth forms Directory disclosure use PATH list to brute, and find HTTP status code Test to find SQL Injection and XSS vulnerabilities Options to load ANTI-CSRF token each reque...

7.7AI score
Exploits0References2
Kitploit
Kitploit
added 2019/02/14 1:33 p.m.243 views

Lazygit - Simple Terminal UI For Git Commands

A simple terminal UI for git commands, written in Go with the gocui library. Are YOU tired of typing every git command directly into the terminal, but you're too stubborn to use Sourcetree because you'll never forgive Atlassian for making Jira? This is the app for you! Installation Homebrew brew...

7.3AI score
Exploits0References4
Kitploit
Kitploit
added 2019/12/11 8:25 p.m.242 views

Splunk Attack Range - A Tool That Allows You To Create Vulnerable Instrumented Local Or Cloud Environments To Simulate Attacks Against And Collect The Data Into Splunk

The Attack Range solves two main challenges in development of detections. First, it allows the user to quickly build a small lab infrastructure as close as possible to your production environment. This lab infrastructure contains a Windows Domain Controller, Windows Workstation and Linux server,...

6.7AI score
Exploits0References5
Kitploit
Kitploit
added 2019/10/12 12:22 p.m.242 views

Fsmon - Monitor Filesystem On iOS / OS X / Android / FirefoxOS / Linux

FileSystem Monitor utility that runs on Linux, Android, iOS and OSX. Brought to you by Sergi Àlvarez at Nowsecure and distributed under the MIT license. Contact: [email protected] Usage The tool retrieves file system events from a specific directory and shows them in colorful format or in...

6.7AI score
Exploits0References1
Kitploit
Kitploit
added 2013/12/31 10:8 p.m.242 views

[Ghost Phisher v1.5] GUI suite for phishing and penetration attacks

Ghost Phisher is an application of security which comes built-in with a fake DNS server ,DHCP server fake, fake HTTP Server and also has a space for the automatic capture and recording credentials HTTP method of the form to a database. The program could be used for on-demand service of DHCP, DNS,...

7.5AI score
Exploits0
Kitploit
Kitploit
added 2022/07/26 12:30 p.m.241 views

Laurel - Transform Linux Audit Logs For SIEM Usage

LAUREL is an event post-processing plugin for auditd8 to improve its usability in modern security monitoring setups. Why? TLDR: Instead of audit events that look like this… type=EXECVE msg=audit1626611363.720:348501: argc=3 a0="perl" a1="-e"...

7.1AI score
Exploits0References6
Kitploit
Kitploit
added 2021/12/25 8:30 p.m.241 views

NimHollow - Nim Implementation Of Process Hollowing Using Syscalls (PoC)

Playing around with the Process Hollowing technique using Nim. Features: Direct syscalls for triggering Windows Native API functions with NimlineWhispers. Shellcode encryption/decryption with AES in CTR mode. Simple sandbox detection methods from the OSEP course by @offensive-security. AMSI...

7.5AI score
Exploits0References5
Kitploit
Kitploit
added 2019/06/05 1:3 p.m.241 views

ReverseTCPShell - PowerShell ReverseTCP Shell, Client & Server

Reverse Encrypted AES 256-bit Shell over TCP - usingPowerShell SecureString. Attacker C2-Server Listener: PS .\ReverseTCP.ps1 Target Client: CMD ECHO...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2019/05/04 10:12 p.m.241 views

Hackuna - The First Mobile App to Track Hackers

Cryptors, a cyber security company, invented a mobile app called HACKUNA Anti-Hack that can block and detect these WiFi hackers. The exciting part here is, you can also track the hackers within the area. It will give you all the details you need to find the hacker within the area or to report it ...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2019/02/19 12:45 p.m.241 views

BoNeSi - The DDoS Botnet Simulator

BoNeSi , the DDoS Botnet Simulator is a Tool to simulate Botnet Traffic in a testbed environment on the wire. It is designed to study the effect of DDoS attacks. What traffic can be generated? BoNeSi generates ICMP, UDP and TCP HTTP flooding attacks from a defined botnet size different IP...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2020/03/04 12:0 p.m.240 views

TwitWork - Monitor Twitter Stream

Monitor twitter stream. TwitWork use the twitter stream which allows you to have a tweets in real-time. There is an input that allows you to filter the flow on one or more keywords or on an @ based on twitter tracking Demo This is a demo of export data on keyword "Coronavirius"...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2019/12/14 11:30 a.m.240 views

CyberRange - The Open-Source AWS Cyber Range

This CyberRange project represents the first open-source Cyber Range blueprint in the world. This project provides a bootstrap framework for a complete offensive, defensive, reverse engineering, & security intelligence tooling in a private research lab using the AWS Cloud. This project contains...

7.5AI score
Exploits0References5
Kitploit
Kitploit
added 2019/06/07 10:10 p.m.240 views

Recsech - Tool For Doing Footprinting And Reconnaissance On The Target Web

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools . Features in tools Name | Release |...

7.7AI score
Exploits0References6
Kitploit
Kitploit
added 2019/05/21 9:17 p.m.240 views

Versionscan - A PHP Version Scanner For Reporting Possible Vulnerabilities

Versionscan is a tool for evaluating your currently installed PHP version and checking it against known CVEs and the versions they were fixed in to report back potential issues. PLEASE NOTE: Work is still in progress to adapt the tool to linux distributions that backport security fixes. As of rig...

6.8CVSS9.3AI score0.20237EPSS
Exploits1References1
Kitploit
Kitploit
added 2019/04/10 10:14 p.m.240 views

Zeebsploit - Web Scanner / Exploitation / Information Gathering

zeebsploit is a tool for hacking searching for web information and scanning vulnerabilities of a web Installation & Usage apt-get install git git clone https://github.com/jaxBCD/Zeebsploit.git cd Zeebsploit chmod +x install ./install python3 zeebsploit.py type 'help' for show modules and follow...

7.6AI score
Exploits0References1
Kitploit
Kitploit
added 2019/01/19 9:12 p.m.240 views

Tyton - Linux Kernel-Mode Rootkit Hunter for 4.4.0-31+

Linux Kernel-Mode Rootkit Hunter for 4.4.0-31+. For more information, visit Tyton's website. Detected Attacks Hidden Modules Syscall Table Hooking Network Protocol Hooking Netfilter Hooking Zeroed Process Inodes Process Fops Hooking Interrupt Descriptor Table Hooking Additional Features...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2016/04/22 9:1 p.m.240 views

Htcap - web application scanner able to crawl single page application (SPA) in a recursive manner by intercepting ajax calls and DOM changes

htcap is a web application scanner able to crawl single page application SPA in a recursive manner by intercepting ajax calls and DOM changes. Htcap is not just another vulnerability scanner since it's focused mainly on the crawling process and uses external tools to discover vulnerabilities. It'...

7.9AI score
Exploits0References2
Kitploit
Kitploit
added 2025/05/07 12:30 p.m.239 views

API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc

APIs For OSINT This is a Collection of APIs that will be useful for automating various tasks in OSINT. Thank you for following me! https://cybdetective.com IOT/IP Search engines Name | Link | Description | Price ---|---|---|--- Shodan | https://developer.shodan.io | Search engine for Internet...

7.1AI score
Exploits0References4
Kitploit
Kitploit
added 2021/04/29 9:30 p.m.239 views

MeterPwrShell - Automated Tool That Generate The Perfect Powershell Payload

Automated Tool That Generate A Powershell Oneliner That Can Create Meterpreter Shell On Metasploit,Bypass AMSI,Bypass Firewall,Bypass UAC,And Bypass Any AVs. This tool is powered by Metasploit-Framework and amsi.fail Notes NEVER UPLOAD THE PAYLOAD THAT GENERATED BY THIS PROGRAM TO ANY ONLINE...

6.7AI score
Exploits0References4
Kitploit
Kitploit
added 2020/07/21 9:30 p.m.239 views

ADB-Toolkit - Tool for testing your Android device

ADB-Toolkit is a BASH Script with 28 options and an METASPLOIT Section which has 6 options which is made to do easypenetration testing in Android Device. You can do preety much any thing with this script and test your android device is it safe or not. This script is made with the help of ADB...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2021/08/05 12:30 p.m.238 views

Elpscrk - An Intelligent Common User-Password Profiler Based On Permutations And Statistics

An Intelligent common user-password profiler that's named after the same tool in Mr.Robot series S01E01 In simple words, elpscrk will ask you about all info you know about your target then will try to generate every possible password the target could think of, it all depends on the information yo...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2019/09/27 9:0 p.m.238 views

Kube-Alien - Tool To Launches Attack on K8s Cluster from Within

This tool launches attack on k8s cluster from within. That means you already need to have an access with permission to deploy pods in a cluster to run it. After running the kube-alien pod it tries to takeover cluster's nodes by adding your public key to node's /root/.ssh/authorizedkeys file by...

7.1AI score
Exploits0References3
Kitploit
Kitploit
added 2018/06/03 2:11 p.m.238 views

DefectDojo - Application Vulnerability Correlation And Security Orchestration Application

DefectDojo is a security program and vulnerability management tool. DefectDojo allows you to manage your application security program, maintain product and application information, schedule scans, triage vulnerabilities and push findings into defect trackers. Consolidate your findings into one...

7.4AI score
Exploits0References3
Kitploit
Kitploit
added 2019/07/13 10:20 p.m.237 views

Dwarf - Full Featured Multi Arch/Os Debugger Built On Top Of PyQt5 And Frida

A debugger for reverse engineers, crackers and security analyst. Or you can call it damn, why are raspberries so fluffy or yet, duck warriors are rich as fuck. Whatever you like! Built on top of pyqt5, frida and some terrible code. Checkout the website for features, api and examples CHANGELOG...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2023/05/13 12:30 p.m.236 views

Lfi-Space - LFI Scan Tool

Written by TMRSWRR Version 1.0.0 All in one tools for LFI VULN FINDER -LFI DORK FINDER Instagram: TMRSWRR Screenshots How to use Read Me LFI Space is a robust and efficient tool designed to detectLocal File Inclusion LFI vulnerabilities in web applications. This tool simplifies the process of...

7.3AI score
Exploits0References5
Kitploit
Kitploit
added 2019/09/28 12:30 p.m.236 views

HRShell - An Advanced HTTPS/HTTP Reverse Shell Built With Flask

HRShell: An advanced HTTPSReverse Shell built with Flask HRShell is an HTTPS/HTTP reverse shell built with flask. It's compatible with python 3.x and has been successfully tested on: Linux ubuntu 18.04 LTS, Kali Linux 2019.3 macOS Mojave Windows 7/10 Features It's stealthy TLS support Either usin...

7.9AI score
Exploits0References3
Kitploit
Kitploit
added 2019/06/25 10:10 p.m.236 views

Tourmaline - Telegram Bot Framework For Crystal

Telegram Bot and hopefully soon Client API framework for Crystal. Based heavily off of Telegraf this Crystal implementation allows your Telegram bot to be written in a language that's both beautiful and fast. Benchmarks coming soon. If you want to extend your bot by using NLP, see my other librar...

7.1AI score
Exploits0References7
Kitploit
Kitploit
added 2021/06/02 12:30 p.m.235 views

Arkhota - A Web Brute Forcer For Android

What? Arkhota is a web HTTP/S brute forcer for Android. Why? A web brute forcer is always in a hacker's computer, for obvious reasons. Sometimes attacks require to be quick or/and with minimal device preparation. Also a phone takes less attention rather than a laptop/computer. For this situations...

7.4AI score
Exploits0References13
Kitploit
Kitploit
added 2021/04/17 9:30 p.m.235 views

Sish - HTTP(S)/WS(S)/TCP Tunnels To Localhost Using Only SSH

An open source serveo/ngrok alternative. Deploy Builds are made automatically for each commit to the repo and are pushed to Dockerhub. Builds are tagged using a commit sha, branch name, tag, latest if released on main. You can find a list here. Each release builds separate sish binaries that can ...

7.2AI score
Exploits0References6
Kitploit
Kitploit
added 2020/03/01 12:30 p.m.235 views

Subfinder - A Subdomain Discovery Tool That Discovers Valid Subdomains For Websites

subfinder is a subdomain discovery tool that discovers valid subdomains for websites by using passive online sources. It has a simple modular architecture and is optimized for speed. subfinder is built for doing one thing only - passive subdomain enumeration, and it does that very well. We have...

7.4AI score
Exploits0References3
Kitploit
Kitploit
added 2019/07/17 9:42 p.m.235 views

Shellsum - A Defense Tool - Detect Web Shells In Local Directories Via Md5Sum

A defense tool - detect web shells in local directories via md5sum Features Fast speed Lightweight Big database Tabled output Usages Install git clone https://github.com/ManhNho/shellsum.git chmod 755 -R shellsum/ cd shellsum/ pip install -r requirements.txt Run python shellsum.py ToDo Smooth...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2019/01/10 8:35 p.m.235 views

bypass-firewalls-by-DNS-history - Firewall Bypass Script Based On DNS History Records

This script will try to find: the direct IP address of a server behind a firewall like Cloudflare, Incapsula, SUCURI ... an old server which still running the same inactive and unmaintained website, not receiving active traffic because the A DNS record is not pointing towards it. Because it's an...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2018/07/14 10:35 p.m.235 views

KillerBee - IEEE 802.15.4/ZigBee Security Research Toolkit

This is KillerBee - Framework and Tools for Attacking ZigBee and IEEE 802.15.4 networks. REQUIREMENTS KillerBee is developed and tested on Linux systems. OS X usage is possible but not supported. We have striven to use a minimum number of software dependencies, however, it is necessary to install...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2017/01/16 2:19 p.m.236 views

Invoke-TheHash - PowerShell Pass The Hash Utils

Invoke-TheHash contains PowerShell functions for performing NTLMv2 pass the hash WMI and SMB command execution. WMI and SMB services are accessed through .NET TCPClient connections. Local administrator privilege is not required client-side. Requirements Minimum PowerShell 2.0 Import Import-Module...

8.2AI score
Exploits0References1
Kitploit
Kitploit
added 2022/05/01 9:30 p.m.234 views

Nanodump - A Crappy LSASS Dumper With No ASCII Art

A flexible tool that creates a minidump of the LSASS process. 1. Features It uses syscalls with SysWhispers2 for most operations. Syscalls are called from an ntdll address to bypass some syscall detections. It sets the syscall callback hook to NULL. Windows APIs are called using dynamic invoke...

7.2AI score
Exploits0References7
Kitploit
Kitploit
added 2022/01/10 8:30 p.m.234 views

PasteMonitor - Scrape Pastebin API To Collect Daily Pastes, Setup A Wordlist And Be Alerted By Email When You Have A Match

Scrape Pastebin API to collect daily pastes, setup a wordlist and be alerted by email when you have a match. Description The PasteMonitor tool allows you to perform two main actions for educational purposes only: Download daily new public pastes Average number of pastes per day: 1000-3000 filetyp...

7.5AI score
Exploits0References5
Kitploit
Kitploit
added 2018/05/15 2:0 p.m.234 views

OWASP Juice Shop - An Intentionally Insecure Webapp For Security Trainings Written Entirely In Javascript

OWASP Juice Shop is an intentionally insecure web application written entirely in JavaScript which encompasses the entire range of OWASP Top Ten and other severe security flaws. For a detailed introduction, full list of features and architecture overview please visit the official project page:...

7AI score
Exploits0References38
Kitploit
Kitploit
added 2022/05/05 9:30 p.m.233 views

Malicious-Pdf - Generate A Bunch Of Malicious Pdf Files With Phone-Home Functionality

Generate ten different malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh Used for penetration testing and/or red-teaming etc. I created this tool because i needed a third party tool to generate a bunch of PDF files with various links. Usage pytho...

7.3AI score
Exploits0References6
Kitploit
Kitploit
added 2021/04/30 4:31 p.m.233 views

SniperPhish - The Web-Email Spear Phishing Toolkit

SniperPhish is a phishing toolkit for pentester or security professionals to enhance user awareness by simulating real-world phishing attacks. SniperPhish helps to combine both phishing emails and phishing websites you created to centrally track user actions. The tool is designed in a view of...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2018/01/05 9:4 p.m.234 views

Reposcanner - Python Script To Scan Git Repos For Interesting Strings

Reposcanner is a python script to search through the commit history of Git repositories looking for interesting strings such as API keys, inspires by truffleHog. Installation The python Git module is required python-git on Debian. Usage ./reposcanner -r Options: optional arguments: -h, --help sho...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2020/04/20 9:30 p.m.232 views

Adamantium-Thief - Decrypt Chromium Based Browsers Passwords, Cookies, Credit Cards, History, Bookmarks

Get chromium browsers: passwords, credit cards, history, cookies, bookmarks. Chrome 80 is supported! Examples: Getpasswords from browsers: Stealer.exe PASSWORDS Get credit cards from browsers: Stealer.exe CREDITCARDS Get history from browsers: Stealer.exe HISTORY Get bookmarks from browsers:...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2019/07/29 12:47 p.m.232 views

Recon-ng v5.0.0 - Open Source Intelligence Gathering Tool Aimed At Reducing The Time Spent Harvesting Information From Open Sources

Recon-ng is a full-featured reconnaissance framework designed with the goal of providing a powerful environment to conduct open-source web-based reconnaissance quickly and thoroughly. Recon-ng has a look and feels similar to the Metasploit Framework, reducing the learning curve for leveraging the...

7AI score
Exploits0References3
Kitploit
Kitploit
added 2019/07/07 1:26 p.m.232 views

NetSet - Operational Security Utility And Automator

Operational Security utility and automator. NetSet is designed to automate a number of operations that will help the user with securing their network traffic. It also provides an easy way to gather proxies and run utilities through Tor. All the utilities installed and used by NetSet will be...

7.6AI score
Exploits0References2
Kitploit
Kitploit
added 2019/06/05 9:46 p.m.232 views

GhostDelivery - This Tool Creates A Obfuscated .vbs Script To Download A Payload Hosted On A Server To %TEMP% Directory, Execute Payload And Gain Persistence

Python script to generate obfuscated .vbs script that delivers payload with persistence and windows antivirus disabling functions. Features: Downloads payload to TEMP directory and executes payload to bypass windows smart screen. Disables Defender, UAC/user account control, Defender Notifications...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2018/07/28 10:33 p.m.232 views

sRDI - Shellcode Implementation Of Reflective DLL Injection

sRDI allows for the conversion of DLL files to position independent shellcode. Functionality is accomplished via two components: C project which compiles a PE loader implementation RDI to shellcode Conversion code which attaches the DLL, RDI, and user data together with a bootstrap This project i...

8AI score
Exploits0References1
Kitploit
Kitploit
added 2013/02/25 6:36 p.m.232 views

[zANTI] The Power of Backtrack on your Android

Android Network Toolkit also known as zANTI is the most comprehensive and refined pentest tool for android by Zimperium. Zimperium is founded by white hat hacker Itzhack ‘Zuk’ Avraham and also have Kevin Mitnick on there team! They also had recently held the Pentester’s WorldCup. zAnti still come...

9.5AI score
Exploits0
Kitploit
Kitploit
added 2021/08/02 12:30 p.m.231 views

PowerShellArmoury - A PowerShell Armoury For Security Guys And Girls

The PowerShell Armoury is meant for pentesters, "insert-color-here"-teamers and everyone else who uses a variety of PowerShell tools during their engagements. It allows you to download and store all of your favourite PowerShell scripts in a single, encrypted file. You do not have to hassle with...

7.3AI score
Exploits0References4
Kitploit
Kitploit
added 2021/08/01 9:30 p.m.231 views

tsharkVM - Tshark + ELK Analytics Virtual Machine

This project builds virtual machine which can be used for analytics of tshark -T ek ndjson output. The virtual appliance is built using vagrant, which builds Debian 10 with pre-installed and pre-configured ELK stack. After the VM is up, the process is simple: decoded pcaps tshark -T ek output /...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2020/11/29 8:30 p.m.231 views

Admin-Scanner - This Tool Is Design To Find Admin Panel Of Any Website By Using Custom Wordlist Or Default Wordlist Easily

WebsiteAdmin Panel Finder How To Install Linux/pc sudo apt install python3 sudo apt install python3-pip sudo apt install git git clone https://github.com/alienwhatever/Admin-Scanner.git cd Admin-Scanner How to Install Termux/Android pkg update && pkg upgrade pkg install python3 pkg install git gi...

7.3AI score
Exploits0References2
Total number of security vulnerabilities5000