Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2019/03/17 8:30 p.m.219 views

Mad-Metasploit - Metasploit Custom Modules, Plugins & Resource Scripts

Metasploit custom modules, plugins, resource script and.. awesome metasploit collection https://www.hahwul.com/p/mad-metasploit.html Awesome open awesome.md Add mad-metasploit to metasploit framework 1. config your metasploit-framework directory $ vim config/config.rb $metasploitpath =...

7.5AI score
Exploits0References2
Kitploit
Kitploit
added 2018/09/01 1:32 p.m.219 views

Zabbix Threat Control - Zabbix Vulnerability Assessment Plugin

This plugin transforms your Zabbix monitoring system into vulnerability, risk and security managment system for your infrastructure. What the plugin does It provides Zabbix with information about vulnerabilities existing in your entire infrastructure and suggests easily applicable remediation...

7.7AI score
Exploits0References1
Kitploit
Kitploit
added 2021/03/09 11:30 a.m.218 views

Writehat - A Pentest Reporting Tool Written In Python

WriteHat is a reporting tool which removes Microsoft Word and many hours of suffering from the reporting process. Markdown -- HTML -- PDF. Created by penetration testers, for penetration testers - but can be used to generate any kind of report. Written in Django Python 3. Features: Effortlessly...

7AI score
Exploits0References3
Kitploit
Kitploit
added 2019/07/28 1:7 p.m.218 views

OSXCollector - A Forensic Evidence Collection & Analysis Toolkit For OS X

OSXCollector is a forensic evidence collection & analysis toolkit for OSX. Forensic Collection The collection script runs on a potentially infected machine and outputs a JSON file that describes the target machine. OSXCollector gathers information from plists, SQLite databases and the local file...

6.6AI score
Exploits0References9
Kitploit
Kitploit
added 2017/11/02 1:11 p.m.218 views

nullinux - SMB null Session Identification and Enumeration Tool

nullinux is an internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB null sessions. Unlike many of the enumeration tools out there already, nullinux can enumerate multiple targets at once and when...

9.4AI score
Exploits0References1
Kitploit
Kitploit
added 2019/12/07 12:37 a.m.217 views

AntiDisposmail - Detecting Disposable Email Addresses

Antbot.pw provides a free, open API endpoint for checking a domain or email address against a frequently-updated list of disposable domains. CORS is enabled for all originating domains, so you can call the API directly from your client-side code. GET https://antibot.pw/api/[email protected]...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2018/10/27 9:37 p.m.217 views

Python-Nubia - A Command-Line And Interactive Shell Framework

Nubia is a lightweight framework for building command-line applications with Python. It was originally designed for the “logdevice interactive shell aka. ldshell” at Facebook. Since then it was factored out to be a reusable component and several internal Facebook projects now rely on it as a quic...

7.5AI score
Exploits0References5
Kitploit
Kitploit
added 2019/12/09 11:30 a.m.216 views

CAINE 11 - GNU/Linux Live Distribution For Digital Forensics Project, Windows Side Forensics And Incident Response

CAINE Computer Aided INvestigative Environment is an Italian GNU/Linux live distribution created as a Digital Forensics project. Currently, the project manager is Nanni Bassetti Bari - Italy. CAINE offers a complete forensic environment that is organized to integrate existing software tools as...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2019/09/25 12:0 p.m.216 views

Firmware Analysis Toolkit - Toolkit To Emulate Firmware And Analyse It For Security Vulnerabilities

FAT is a toolkit built in order to help security researchers analyze and identify vulnerabilities in IoT and embedded device firmware. This is built in order to use for the "Offensive IoT Exploitation " training conducted by Attify. Download AttifyOS Note: As of now, it is simply a script to...

7.3AI score
Exploits0References7
Kitploit
Kitploit
added 2019/09/14 8:41 p.m.216 views

TinkererShell - A Simple Python Reverse Shell Written Just For Fun

A simple reverse shell written in python 3.7 just for fun. Actually it supports Windows and Linux OS and integrates some basic features like keylogging and AES encrypted communications. Supported operating systems: Windows Linux OSX Functions and characteristics: Reverse connection. AES encrypted...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2019/01/11 12:4 p.m.216 views

WiFi-Pumpkin v0.8.7 - Framework for Rogue Wi-Fi Access Point Attack

The WiFi-Pumpkin is a rogue AP framework to easily create these fake networks, all while forwarding legitimate traffic to and from the unsuspecting target. It comes stuffed with features, including rogue Wi-Fi access points, deauth attacks on client APs, a probe request and credentials monitor,...

7.3AI score
Exploits0References11
Kitploit
Kitploit
added 2018/06/18 2:9 p.m.216 views

VOOKI - Web Application Vulnerability Scanner

Vooki is a free web application vulnerability scanner. Vooki is a user-friendly tool that you can easily scan any web application and find the vulnerabilities. Vooki includes Web Application Scanner, Rest API Scanner, and reporting section. Vooki – Web Application Scanner can help you to find the...

7AI score
Exploits0
Kitploit
Kitploit
added 2019/02/22 12:39 p.m.215 views

BeEF - The Browser Exploitation Framework Project

What is BeEF? BeEF is short for The BrowserExploitation Framework. It is a penetration testing tool that focuses on the web browser. Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual securi...

7.4AI score
Exploits0References7
Kitploit
Kitploit
added 2018/01/20 9:18 p.m.215 views

macro_pack - Tool Used To Automatize Obfuscation And Generation Of Ms Office Documents For Pentest, Demo, And Social Engineering Assessments

The macropack is a tool used to automatize obfuscation and generation of retro formats such as MS Office documents or VBS like format. This tool can be used for redteaming, pentests, demos, and social engineering assessments. macropack will simplify antimalware solutions bypass and automatize the...

6.7AI score
Exploits0References7
Kitploit
Kitploit
added 2022/04/30 12:30 p.m.214 views

Requests-Ip-Rotator - A Python Library To Utilize AWS API Gateway's Large IP Pool As A Proxy To Generate Pseudo-Infinite IPs For Web Scraping And Brute Forcing

A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing. This library will allow the user to bypass IP-based rate-limits for sites and services. X-Forwarded-For headers are automatically randomised and applied unles...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2021/08/15 12:30 p.m.214 views

Tko-Subs - A Tool That Can Help Detect And Takeover Subdomains With Dead DNS Records

This tool allows: To check whether a subdomain can be taken over because it has: a dangling CNAME pointing to a CMS provider Heroku, Github, Shopify, Amazon S3, Amazon CloudFront, etc. that can be taken over. a dangling CNAME pointing to a non-existent domain name one or more wrong/typoed NS...

7.5AI score
Exploits0References4
Kitploit
Kitploit
added 2020/01/09 11:30 a.m.214 views

Stowaway - Multi-hop Proxy Tool For Pentesters

Stowaway is Multi-hop proxy tool for security researchers and pentesters Users can easily proxy their network traffic to intranet nodes multi-layer PS: The files under demo folder are Stowaway's beta version,it's still functional, you can check the detail by README.md file under the demo folder...

7.6AI score
Exploits0References3
Kitploit
Kitploit
added 2019/08/25 1:0 p.m.214 views

Sublert - Security And Reconnaissance Tool Which Leverages Certificate Transparency To Automatically Monitor New Subdomains Deployed By Specific Organizations And Issued TLS/SSL Certificate

Sublert is a security and reconnaissance tool that was written in Python to leverage certificate transparency for the sole purpose of monitoring new subdomains deployed by specific organizations and issued TLS/SSL certificate. The tool is supposed to be scheduled to run periodically at fixed time...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2019/07/07 10:23 p.m.214 views

SneakyEXE - Embedding "UAC-Bypassing" Function Into Your Custom Payload

A tool which helps you embedding UAC-Bypassing function into your custom Win32 payloads x8664 architecture specifically Tested on Windows 7,8,10 64bit Free and Open-sourced with full source codes published Tutorial Requirements: | Linux | Windows ---|---|--- Architecture | Optional | x8664 Python...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2019/06/12 1:12 p.m.214 views

Yaazhini - Free Android APK & API Vulnerability Scanner

Yaazhini is a free vulnerability scanner for android APK and API. It is a user-friendly tool that you can easily scan any APK and API of android application and find the vulnerabilities. Yaazhini includes vulnerability scan of API, the vulnerability of APK and reporting section to generate a...

8AI score
Exploits0
Kitploit
Kitploit
added 2018/06/25 2:9 p.m.214 views

Amass - In-depth Subdomain Enumeration

The Amass tool performs scraping of data sources, recursive brute forcing, crawling of web archives, permuting and altering of names and reverse DNS sweeping to obtain additional subdomain names. Additionally, Amass uses the IP addresses obtained during resolution to discover associated netblocks...

7AI score
Exploits0References2
Kitploit
Kitploit
added 2016/01/21 10:37 p.m.214 views

Zizzania - Automated DeAuth Attack

zizzania sniffs wireless traffic listening for WPA handshakes and dumping only those frames suitable to be decrypted one beacon + EAPOL frames + data. In order to speed up the process, zizzania sends IEEE 802.11 DeAuth frames to the stations whose handshake is needed, properly handling...

7.6AI score
Exploits0References4
Kitploit
Kitploit
added 2014/07/07 8:46 p.m.214 views

PwnStar - Script for multi attack (for all your fake-AP needs!)

A bash script to launch a Soft AP, configurable with a wide variety of attack options. Includes a number of index.html and server php scripts, for sniffing/phishing. Can act as multi-client captive portal using php and iptables. Launches classic exploits such as evil-PDF. De-auth with aireplay,...

8.8CVSS8.9AI score0.83638EPSS
Exploits12References4
Kitploit
Kitploit
added 2020/03/20 11:30 a.m.213 views

Maryam v1.4.0 - Open-source Intelligence(OSINT) Framework

OWASP Maryam is an Open-source intelligenceOSINT and Web-based Footprinting modular/tool framework based on the Recon-ng and written in Python. If you have skill in Metasploit or Recon-ng, you can easily use it without prerequisites. And if not, please read the Quick Guide. What can be done If yo...

7.2AI score
Exploits0References5
Kitploit
Kitploit
added 2020/02/18 12:0 p.m.213 views

NekoBot - Auto Exploiter With 500+ Exploit 2000+ Shell

NekoBotV1 | Auto Exploiter With 500+ Exploit 2000+ Shell Features : + Wordpress : 1- Cherry-Plugin 2- download-manager Plugin 3- wysija-newsletters 4- Slider Revolution Revslider 5- gravity-forms 6- userpro 7- wp-gdpr-compliance 8- wp-graphql 9- formcraft 10- Headway 11- Pagelines Plugin 12-...

0.2AI score
Exploits0References1
Kitploit
Kitploit
added 2016/07/29 10:12 p.m.213 views

LionSec Linux 5.0 - Penetration Testing Operating system based on Ubuntu

LionSec Linux 5.0 is a Ubuntu based penetration testing distribution . It was built in order to perform Computer Forensics , Penetration Tests , Wireless Analysis . With the "Anonymous Mode" , you can browse the internet or send packets anonymously . There are lots of inbuilt tools like netool...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2019/03/24 12:30 p.m.212 views

FIR - Fast Incident Response

FIR Fast Incident Response is an cybersecurity incident management platform designed with agility and speed in mind. It allows for easy creation, tracking, and reporting of cybersecurity incidents. FIR is for anyone needing to track cybersecurity incidents CSIRTs, CERTs, SOCs, etc.. It was tailor...

7.2AI score
Exploits0References5
Kitploit
Kitploit
added 2016/10/15 2:30 p.m.212 views

arch-audit - An utility like pkg-audit for Arch Linux

An utility like pkg-audit for Arch Linux. Based on Arch CVE Monitoring Team data Uses data collected by the awesome Arch CVE Monitoring Team . Installation From AUR The PKGBUILD is available on AUR . After the installation just execute arch-audit . From sources git clone...

9.8CVSS8.6AI score0.95707EPSS
Exploits25References1
Kitploit
Kitploit
added 2024/09/24 11:30 a.m.211 views

SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits

SafeLine is a self-hosted WAFWeb Application Firewall to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2021/02/01 11:30 a.m.211 views

Web-Brutator - Modular Web Interfaces Bruteforcer

Fast Modular Web Interfaces Bruteforcer Install python3 -m pip install -r requirements.txt Usage $ python3 web-brutator.py -h . / \ / \ \ | \ \ / | / | \ // // | \ | | /\ \ | \ \ \ \ / \ \ \ /\ /| \ \ // | | \ | | / | /| | / | | | / /\ / \ / | / || |/ || /| /|| / / / / / Version 0.2...

7.8AI score
Exploits0References1
Kitploit
Kitploit
added 2019/03/10 12:12 p.m.211 views

Vuls - Vulnerability Scanner For Linux/FreeBSD, Agentless, Written In Go

Vulnerability scanner for Linux/FreeBSD, agentless, written in golang. Twitter: @vulsen DEMO Abstract For a system administrator, having to perform security vulnerability analysis and software update on a daily basis can be a burden. To avoid downtime in production environment, it is common for...

7.2AI score
Exploits0References4
Kitploit
Kitploit
added 2019/11/09 12:0 p.m.210 views

DFIRtriage - Digital Forensic Acquisition Tool For Windows Based Incident Response

DFIRtriage is a tool intended to provide Incident Responders with rapid host data. Written in Python, the code has been compiled to eliminate the dependency of python on the target host. The tool will run a variety of commands automatically upon execution. The acquired data will reside in the roo...

7.9AI score
Exploits0References1
Kitploit
Kitploit
added 2019/03/23 8:25 p.m.210 views

Webtech - Identify Technologies Used On Websites

Identify technologies used on websites. More info on the release's blogpost. CLI Installation WebTech is available on pip: pip install webtech It can be also installed via setup.py: python setup.py install --user Burp Integration Download Jython 2.7.0 standalone and install it into Burp. In...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2017/10/26 1:12 p.m.210 views

SQLiv - Massive SQL Injection Vulnerability Scanner

Massive SQL injection vulnerability scanner. Features 1. multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo 2. targetted scanning by providing specific domain with crawling 3. reverse domain scanning both SQLi scanning and domain info checking are done in multiprocessing s...

8.3AI score
Exploits0References4
Kitploit
Kitploit
added 2016/09/30 2:46 p.m.210 views

QrlJacker - QrlJacking Exploitation Framework

A python framework which goal is to exploit QrlJacking attack vector easily Installation Requirements Python 2.7.x Requests Pillow Selenium configparser Installation on Windows After downloading the framework cd QrlJacking-Framework pip install -r requirements.txt python QRLJacker.py Installation...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2021/04/22 12:30 p.m.209 views

Kubesploit - A Cross-Platform Post-Exploitation HTTP/2 Command And Control Server And Agent Written In Golang

Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl @Ne0nd0g. Our Motivation While researching Docker and Kubernetes, we noticed that most of the...

8.6CVSS9.2AI score0.9857EPSS
Exploits33References9
Kitploit
Kitploit
added 2021/03/26 11:30 a.m.209 views

Retoolkit - Reverse Engineer's Toolkit

This is a collection of tools you may like if you are interested on reverse engineering and/or malware analysis on x86 and x64 Windows systems. After installing this toolkit you'll have a folder in your desktop with shortcuts to RE tools like these: Why do I need it? You don't. Obviously, you can...

7.3AI score
Exploits0References4
Kitploit
Kitploit
added 2020/04/10 12:30 p.m.209 views

Ps-Tools - An Advanced Process Monitoring Toolkit For Offensive Operations

Having a good technical understanding of the systems we land on during an engagement is a key condition for deciding what is going to be the next step within an operation. Collecting and analysing data of running processes from compromised systems gives us a wealth of information and helps us to...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2019/01/20 8:15 p.m.209 views

Htcap - A Web Application Scanner Able To Crawl Single Page Application (SPA) In A Recursive Manner By Intercepting Ajax Calls And DOM Changes

Htcap is a web application scanner able to crawl single page application SPA in a recursive manner by intercepting ajax calls and DOM changes. Htcap is not just another vulnerability scanner since it's focused on the crawling process and it's aimed to detect and intercept ajax/fetch calls,...

7.4AI score
Exploits0References2
Kitploit
Kitploit
added 2015/10/30 9:30 p.m.209 views

Infernal-Twin - This Is Evil Twin Attack Automated (Wireless Hacking)

This tool is created to aid the penetration testers in assessing wireless security. Author is not responsible for misuse. Please read instructions thoroughly. Usage sudo python InfernalWireless.py How to install $ sudo apt-get install apache2 $ sudo apt-get install mysql-server...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2022/12/01 11:30 a.m.208 views

DomainDouche - OSINT Tool to Abuse SecurityTrails Domain Suggestion API To Find Potentially Related Domains By Keyword And Brute Force

Abusing SecurityTrails domain suggestion API to find potentially related domains by keyword and brute force. Use it while it still works Also, hmu on Mastodon: @[email protected] Usage: usage: domaindouche.py -h -n N -c COOKIE -a USERAGENT -w NUM -o OUTFILE keyword Abuses SecurityTrails API ...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2020/09/14 11:30 a.m.208 views

Chimera - PowerShell Obfuscation Script Designed To Bypass AMSI And Commercial Antivirus Solutions

Chimera is a shiny and very hack-ish PowerShell obfuscation script designed to bypass AMSI and antivirus solutions. It digests malicious PS1's known to trigger AV and uses string substitution and variable concatenation to evade common detection signatures. Chimera was created for this write-up an...

7.3AI score
Exploits0References9
Kitploit
Kitploit
added 2019/11/30 11:30 a.m.208 views

Mordor - Re-play Adversarial Techniques

The Mordor project provides pre-recorded security events generated by simulated adversarial techniques in the form of JavaScript Object Notation JSON files for easy consumption. The pre-recorded data is categorized by platforms, adversary groups, tactics and techniques defined by the Mitre ATT&CK...

7.2AI score
Exploits0References4
Kitploit
Kitploit
added 2021/05/16 9:30 p.m.207 views

DFIR-O365RC - PowerShell Module For Office 365 And Azure AD Log Collection

PowerShell module for Office 365 and Azure AD log collection Module description The DFIR-O365RC PowerShell module is a set of functions that allow the DFIR analyst to collect logs relevant for Office 365 Business Email Compromise investigations. The logs are generated in JSON format and retrieved...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2020/12/13 11:30 a.m.207 views

403Bypasser - Burpsuite Extension To Bypass 403 Restricted Directory

An burpsuite extension to bypass 403 restricted directory. By using PassiveScan default enabled, each 403 request will be automatically scanned by this extension, so just add to burpsuite and enjoy. Payloads: $1: HOSTNAME $2: PATH $1/$2 $1/%2e/$2 $1/$2/. $1//$2// $1/./$2/./ $1/$2anything -H...

7.4AI score
Exploits0References2
Kitploit
Kitploit
added 2020/06/17 12:30 p.m.207 views

Digital Signature Hijack - Binaries, PowerShell Scripts And Information About Digital Signature Hijacking

Hijacking legitimate digital signatures is a technique that can be used during red team assessments in order to sign PowerShell code and binaries. This could assist to bypass Device Guard restrictions and maintain stealthy in an engagement. DigitalSignatureHijack is a PowerShell script based on...

6.8AI score
Exploits0References5
Kitploit
Kitploit
added 2020/03/26 8:30 p.m.207 views

Ninja - Open Source C2 Server Created For Stealth Red Team Operations

Ninja C2 is an Open source C2 server created by Purple Team to do stealthy computer and Active directoty enumeration without being detected by SIEM and AVs , Ninja still in beta version and when the stable version released it will contains many more stealthy techinques and anti-forensic to create...

7.5AI score
Exploits0References12
Kitploit
Kitploit
added 2019/06/09 10:12 p.m.207 views

Userrecon - Find Usernames Across Over 75 Social Networks

Find usernames across over 75 social networks This is useful if you are running an investigation to determine the usage of the same username on different social networks. Author: @linuxchoice Download Userrecon...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2020/04/11 10:0 p.m.206 views

Audix - A PowerShell Tool To Quickly Configure The Windows Event Audit Policies For Security Monitoring

Audix will allow for the SIMPLE configuration of Windows Event Audit Policies. Window's Audit Policies are restricted by default. This means that for Incident Responders, Blue Teamers, CISO's & people looking to monitor their environment through use of Windows Event Logs, must configure the audit...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2020/03/23 8:30 p.m.206 views

Starkiller - A Frontend For PowerShell Empire

Starkiller is a Frontend for Powershell Empire. It is an Electron application written in VueJS. If you'd like to contribute please follow the Contribution guide. Getting Started To run Starkiller, you can download the installers for Mac, Linux, and Windows on the Releases page. For more info on...

7.2AI score
Exploits0References5
Total number of security vulnerabilities5000