Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2015/10/24 11:7 p.m.206 views

MobSF (Mobile Security Framework) - Mobile (Android/iOS) Automated Pen-Testing Framework

Mobile Security Framework MobSF is an intelligent, all-in-one open source mobile application Android/iOS automated pen-testing framework capable of performing static and dynamic analysis. We've been depending on multiple tools to carry out reversing, decoding, debugging, code review, and pen-test...

7.5AI score
Exploits0References3
Kitploit
Kitploit
added 2013/07/17 10:57 p.m.206 views

[bWAPP bee-box] Linux VMware virtual machine pre-installed with bWAPP

bee-box is a custom Linux VMware virtual machine pre-installed with bWAPP. bee-box gives you several ways to hack and deface the bWAPP website. It's even possible to hack the bee-box to get root access... With bee-box you have the opportunity to explore all bWAPP vulnerabilities! This project is...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2020/06/03 9:30 p.m.205 views

Eviloffice - Inject Macro And DDE Code Into Excel And Word Documents (Reverse Shell)

Win python script to inject Macro and DDE code into Excel and Word documents reverse shell Features: Inject malicious Macro on formats: docm, dotm, xlsm, xltm Inject malicious DDE code on formats: doc, docx, dot, xls, xlsx, xlt, xltx Python2/Python3 Compatible Tested: Win10 MS Office 14.0...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2019/12/09 8:33 p.m.205 views

ReconPi - Set Up Your Raspberry Pi To Perform Basic Recon Scans

ReconPi - A lightweight recon tool that performs extensive reconnaissance with the latest tools using a Raspberry Pi. Start using that Raspberry Pi -- I know you all have one laying around somewhere ; Installation Check the updated blogpost here for a complete guide on how to set up your own...

7AI score
Exploits0References16
Kitploit
Kitploit
added 2019/02/10 1:13 p.m.205 views

Hontel - Telnet Honeypot

HonTel is a Honeypot for Telnet service. Basically, it is a Python v2.x application emulating the service inside the chroot environment. Originally it has been designed to be run inside the Ubuntu environment, though it could be easily adapted to run inside any Linux environment. Documentation:...

7.5AI score
Exploits0References3
Kitploit
Kitploit
added 2021/09/16 8:30 p.m.204 views

DNSTake - A Fast Tool To Check Missing Hosted DNS Zones That Can Lead To Subdomain Takeover

A fast tool to check missing hosted DNS zones that can lead to subdomain takeover. What is a DNS takeover? DNS takeover vulnerabilities occur when a subdomain subdomain.example.com or domain has its authoritative nameserver set to a provider e.g. AWS Route 53, Akamai, Microsoft Azure, etc. but th...

7.2AI score
Exploits0References6
Kitploit
Kitploit
added 2021/06/01 10:18 p.m.204 views

Dent - A Framework For Creating COM-based Bypasses Utilizing Vulnerabilities In Microsoft's WDAPT Sensors

More Information If you want to learn more about the techniques utlized in this framework please take a look at this article. Description This framework generates code to exploit vulnerabilties in Microsoft Defender Advanced Threat Protection's Attack Surface Reduction ASR rules to execute...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2021/03/25 11:30 a.m.204 views

Gitrecon - OSINT Tool To Get Information From A Github Profile And Find GitHub User'S Email Addresses Leaked On Commits

OSINT tool to get information from a github profile and find GitHub user's email addresses leaked on commits. How does this work? GitHub uses the email address associated with a GitHub account to link commits and other activity to a GitHub profile. When a user makes commits to public repos their...

7AI score
Exploits0References6
Kitploit
Kitploit
added 2020/01/05 10:44 p.m.204 views

Tishna - Complete Automated Pentest Framework For Servers, Application Layer To Web Security

Complete Automated pentest framework for Servers, Application Layer to Web Security Interface Software have 62 Options with full automation and can be use for web security swiss knife Tishna Tishna is Web Server Security Penetration Software for Ultimate Security Analaysis Kali, Parrot OS, Black...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2019/08/27 1:18 p.m.204 views

EVABS - Extremely Vulnerable Android Labs

An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners. The effort is to introduce beginners with very limited or zero knowledge to some of the major and commonly found real-world based Android application...

7.4AI score
Exploits0References7
Kitploit
Kitploit
added 2019/06/14 9:51 p.m.204 views

CocoaDebug - iOS Debugging Tool

iOS Debugging Tool Shake to hide or show the black bubble. support both device and simulator Long press the black bubble to show UIDebuggingInformationOverlay. Apple's Private API, support iOS 10/11/12 Application memory usage and FPS. List all print and NSLog messages which have been written by...

6.9AI score
Exploits0References2
Kitploit
Kitploit
added 2017/08/10 3:27 p.m.204 views

Vulscan - Advanced vulnerability scanning with Nmap NSE

Vulscan is a module which enhances nmap to a vulnerability scanner. The nmap option -sV enables version detection per service which is used to determine potential flaws according to the identified product. The data is looked up in an offline version of VulDB. Installation Please install the files...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2015/11/15 7:13 p.m.204 views

Pemcracker - Tool To Crack Encrypted PEM Files

This tool is inspired by pemcrack by Robert Graham. The purpose is to attempt to recover the password for encrypted PEM files while utilizing all the CPU cores. It still uses high level OpenSSL calls in order to guess the password. As an optimization, instead of continually checking against the P...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2021/03/27 8:30 p.m.203 views

Search-That-Hash - Searches Hash APIs To Crack Your Hash Quickly, If Hash Is Not Found Automatically Pipes Into HashCat

The Fastest Hash Cracking System pip3 install search-that-hash && sth Tired of going to every website to crack your hash? Search-That-Hash automates this process in less than 2 seconds. Search-That-Hash searches the most popular hash cracking sites and automatically inputs your hashs for cracking...

6.9AI score
Exploits0References2
Kitploit
Kitploit
added 2020/04/23 12:30 p.m.203 views

Lulzbuster - A Very Fast And Smart Web Directory And File Enumeration Tool Written In C

Lulzbuster is a very fast and smart web directory and file enumeration tool written in C. Usage $ lulzbuster -H / / / / / / / / / / / / / / / / / / / / / / / / / / // / / / // // / // // / / //,// //./,///// --== by nullsecurity.net ==-- usage lulzbuster -s opts | target options -s - start...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2020/04/22 9:30 p.m.203 views

Impulse - Impulse Denial-of-service ToolKit

Modern Denial-of-service ToolKit Main window Methods: Method | Target | Description ---|---|--- SMS | +PHONE | SMS & CALL FLOOD NTP | IP:PORT | NTP amplification is a type of Distributed Denial of Service DDoS attack in which the attacker exploits publically-accessible Network Time Protocol NTP...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2020/01/26 11:42 a.m.203 views

Aircrack-ng 1.6 - Complete Suite Of Tools To Assess WiFi Network Security

Aircrack-ng is a complete suite of tools to assess WiFi network security. It focuses on different areas of WiFi security: Monitoring: Packet capture and export of data to text files for further processing by third party tools. Attacking: Replay attacks, deauthentication, fake access points and...

7.2AI score
Exploits0References6
Kitploit
Kitploit
added 2019/03/04 12:12 p.m.203 views

Rpi-Hunter - Automate Discovering And Dropping Payloads On LAN Raspberry Pi's Via SSH

Automate discovering and dropping payloads on LAN Raspberry Pi's via ssh. rpi-hunter is useful when there are multiple Raspberry Pi's on your LAN with default or known credentials, in order to automate sending commands/payloads to them. GUIDE: Installation 1. Install dependencies: sudo pip instal...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2021/09/08 8:30 p.m.202 views

SharpStrike - A Post Exploitation Tool Written In C# Uses Either CIM Or WMI To Query Remote Systems

SharpStrike is a post-exploitation tool written in C that uses either CIM or WMI to query remote systems. It can use provided credentials or the current user's session. Note: Some commands will use PowerShell in combination with WMI, denoted with in the --show-commands command. Introduction...

7.7AI score
Exploits0References5
Kitploit
Kitploit
added 2020/11/18 11:30 a.m.202 views

OpenEDR - Open EDR Public Repository

We at OpenEDR believe in creating a cybersecurity platform with its source code openly available to public, where products and services can be provisioned and managed together. EDR is our starting point. OpenEDR is a full blown EDR capability. It is one of the most sophisticated, effective EDR co...

6.9AI score
Exploits0References16
Kitploit
Kitploit
added 2020/08/16 10:21 p.m.202 views

PowerSharpPack - Many usefull offensive CSharp Projects wraped into Powershell for easy usage

Many usefull offensive CSharp Projects wraped into Powershell for easy usage. Why? In my personal opinion offensive Powershell is not dead because of AMSI, Script-block-logging, Constrained Language Mode or other protection features. Any of these mechanisms can be bypassed. Since most new...

7.6AI score
Exploits0References46
Kitploit
Kitploit
added 2020/05/23 10:0 p.m.202 views

Locator - Geolocator, Ip Tracker, Device Info By URL (Serveo And Ngrok)

Geolocator, Ip Tracker, Device Info by URL Serveo and Ngrok. It uses tinyurl to obfuscate the Serveo link. Legal disclaimer: Usage of Locator for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2019/06/03 9:58 p.m.202 views

Vulners Scanner for Android - Passive Vulnerability Scanning Based On Software Version Fingerprint

Vulners Scanner is developed by Vulners Team, the founders and maintainers of one of the world largest security databases. It implements technology of passive vulnerability scanning based on software version fingerprint. Is it legal? Absolutely. The application does not perform any malicious...

7.6AI score
Exploits0
Kitploit
Kitploit
added 2019/03/30 8:30 p.m.202 views

FFM (Freedom Fighting Mode) - Open Source Hacking Harness

FFM is a hacking harness that you can use during the post-exploitation phase of a red-teaming engagement. The idea of the tool was derived from a 2007 conference from @thegrugq. It was presented at SSTIC 2018 and the accompanying slide deck is available at this url. If you're not familiar with th...

7.4AI score
Exploits0References2
Kitploit
Kitploit
added 2018/03/25 9:39 p.m.202 views

SubOver - A Powerful Subdomain Takeover Tool

Subover is a Hostile Subdomain Takeover tool designed in Python. From start, it has been aimed with speed and efficiency in mind. Till date, SubOver detects 36 services which is much more than any other tool out there. The tool is multithreaded and hence delivers good speed. It can easily detect...

7.2AI score
Exploits0References4
Kitploit
Kitploit
added 2021/01/12 8:30 p.m.201 views

ProtOSINT - A Python Script That Helps You Investigate Protonmail Accounts And ProtonVPN IP Addresses

ProtOSINT is a Python script that helps you investigate ProtonMail accounts and ProtonVPN IP addresses. Description This tool can help you in your OSINT investigation on Proton service for educational purposes only. ProtOSINT is separated in 3 sub-modules: 1 Test the validity of one protonmail...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2019/11/18 12:30 p.m.201 views

DetectionLab - Vagrant And Packer Scripts To Build A Lab Environment Complete With Security Tooling And Logging Best Practices

DetectionLab is tested weekly on Saturdays via a scheduled CircleCI workflow to ensure that builds are passing. Purpose This lab has been designed with defenders in mind. Its primary purpose is to allow the user to quickly build a Windows domain that comes pre-loaded with security tooling and som...

7.5AI score
Exploits0References17
Kitploit
Kitploit
added 2019/10/20 9:0 p.m.201 views

SUID3NUM - A Script Which Utilizes Python'S Built-In Modules To Find SUID Bins, Separate Default Bins From Custom Bins, Cross-Match Those With Bins In GTFO Bin's Repository & Auto-Exploit Those

A standalone python script which utilizes python's built-in modules to find SUID bins, separate default bins from custom bins, cross-match those with bins in GTFO Bin's repository & auto-exploit those, all with colors! Description A standalone script supporting both python2 & python3 to find out...

7.5AI score
Exploits0References4
Kitploit
Kitploit
added 2014/06/16 11:55 p.m.201 views

ArchAssault - Arch Linux ISO for Penetration Testers

The ArchAssault Project is an Arch Linux derivative for penetration testers, security professionals and all-around Linux enthusiasts. This means we import the vast majority of the official upstream Arch Linux packages, these packages are unmodified from their upstream source. While our Arch Linux...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2020/01/01 11:30 a.m.200 views

Turbolist3r - Subdomain Enumeration Tool With Analysis Features For Discovered Domains

Turbolist3r is a fork of the sublist3r subdomain discovery tool. In addition to the original OSINT capabilties of sublist3r, turbolist3r automates some analysis of the results, with a focus on subdomain takeover. Turbolist3r queries public DNS servers for each discovered subdomain. If the subdoma...

6.8AI score
Exploits0References6
Kitploit
Kitploit
added 2019/11/10 12:0 p.m.200 views

Adaudit - Powershell Script To Do Domain Auditing Automation

PowerShell Script to perform a quick AD audit | | \ | | | || | | | | | | | | | . | | | |||/ ||||||| by phillips321 If you have any decent powershell one liners that could be used in the script please let me know. I'm trying to keep this script as a single file with no requirements on external too...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2019/09/14 12:0 p.m.200 views

Stegify - Go Tool For LSB Steganography, Capable Of Hiding Any File Within An Image

stegify is a simple command line tool capable of fully transparent hiding any file within an image. This technique is known as LSB Least Significant Bit steganography. Demonstration Carrier Data Results The Result file contains the Data file hidden in it. And as you can see it is fully transparen...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2019/09/05 9:44 p.m.200 views

BLUESPAWN - Windows Based Active Defense Tool To Empower Blue Teams

BLUESPAWN helps blue teams monitor Windows systems in real-time against active attackers by detecting anomalous activity Why we made BLUESPAWN We've created and open-sourced this for a number of reasons which include the following: Move Faster : We wanted tooling specifically designed to quickly...

7.3AI score
Exploits0References7
Kitploit
Kitploit
added 2016/01/29 8:30 p.m.200 views

FastIR Collector - Windows Incident Response Tool

This tool collects different artefacts on live Windows and records the results in csv files. With the analyses of this artefacts, an early compromission can be detected. Requirements pywin32 python WMI python psutil python yaml construct distorm3 hexdump pytz Execution ./fastIRx64.py -h for help...

7.1AI score
Exploits0References3
Kitploit
Kitploit
added 2016/01/12 10:2 p.m.200 views

BSQLinjector - Blind SQL Injection Exploitation Tool

BSQLinjector uses blind method to retrieve data from SQL databases. I recommend using "--test" switch to clearly see how configured payload looks like before sending it to an application. Options: --file Mandatory - File containing valid HTTP request and SQL injection point SQLINJECT...

10AI score
Exploits0References1
Kitploit
Kitploit
added 2021/02/28 11:30 a.m.199 views

Gargamel - A Forensic Evidence Acquirer

A Forensic Evidence Acquirer Compile Assuming you have Rust 1.41+ installed. Open terminal in the project directory and to compile a release build type cargo build --release Debug build can be compiled using cargo build Compiled executable is located at target/release/gargamel.exe or...

7.7AI score
Exploits0References4
Kitploit
Kitploit
added 2019/11/16 9:11 p.m.199 views

Vulnx v1.9 - An Intelligent Bot Auto Shell Injector That Detect Vulnerabilities In Multiple Types Of CMS (Wordpress, Joomla, Drupal, Prestashop...)

Vulnx is An Intelligent Bot Auto Shell Injector that detect vulnerabilities in multiple types of Cms, fast cms detection,informations gathering and vulnerabilitie Scanning of the target like subdomains, ipaddresses, country, org, timezone, region, ans and more ... Instead of injecting each and...

7.1AI score
Exploits0References18
Kitploit
Kitploit
added 2018/09/22 9:7 p.m.199 views

HackBar - HackBar Plugin For Burpsuite

HackBar - HackBar Plugin For Burpsuite V1.0. Requirements Burpsuite Java How to Install Download Jar 'https://github.com/d3vilbug/HackBar/releases/tag/1.0' and add in burpsuite Tested on Burpsuite 1.7.36 Windows 10 xubuntu 18.04 Upcoming Features/Modules Ctrl + H shortcut WAF bypass SQLi...

6.6AI score
Exploits0References3
Kitploit
Kitploit
added 2024/04/11 12:30 p.m.198 views

APKDeepLens - Android Security Insights In Full Spectrum

APKDeepLens is a Python based tool designed to scan Android applications APK files for security vulnerabilities. It specifically targets the OWASP Top 10 mobile vulnerabilities, providing an easy and efficient way for developers, penetration testers, and security researchers to assess the securit...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2021/08/06 12:30 p.m.198 views

WARCannon - High Speed/Low Cost CommonCrawl RegExp In Node.js

WARCannon was built to simplify and cheapify the process of 'grepping the internet'. With WARCannon, you can: Build and test regex patterns against real Common Crawl data Easily load Common Crawl datasets for parallel processing Scale compute capabilities to asynchronously crunch through WARCs at...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2020/09/25 11:30 a.m.198 views

PwnXSS - Vulnerability XSS Scanner Exploit

A powerful XSS scanner made in python 3.7 Installing Requirements: BeautifulSoup4 pip install bs4 requests pip install requests python 3.7 Commands: git clone https://github.com/pwn0sec/PwnXSS chmod 755 -R PwnXSS cd PwnXSS python3 pwnxss.py --help Usage Basic usage: python3 pwnxss.py -u...

6.4AI score
Exploits0References1
Kitploit
Kitploit
added 2017/07/12 3:12 p.m.198 views

Shodanwave - Explore & Obtain Information from Netwave IP Camera

Shodanwave is a tool for exploring and obtaining information from cameras specifically Netwave IP Camera. The tool uses a search engine called shodan that makes it easy to search for cameras online but not only that. Hack network cameras around the world, Very fun! What does the tool to? Look, a...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2016/06/10 9:55 p.m.198 views

Detux - The Multiplatform Linux Sandbox

Detux is a sandbox developed to do traffic analysis of the Linux malwares and capture the IOCs by doing so. QEMU hypervisor is used to emulate Linux Debian for various CPU architectures. The following CPUs are currently supported: x86 x86-64 ARM MIPS MIPSEL Use the Live version now:...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2013/11/13 9:9 p.m.198 views

[Firefox Password Remover] Firefox Website Login Password Removal Tool

Firefox Password Remover is the free tool to quickly remove the stored website login passwords from Firefox. You can either remove selected ones or all of the stored passwords from the Firefox sign-on database. One of the unique feature of this tool is that it allows you to remove the website...

7AI score
Exploits0
Kitploit
Kitploit
added 2023/05/23 12:30 p.m.197 views

Acheron - Indirect Syscalls For AV/EDR Evasion In Go Assembly

Acheron is a library inspired by SysWhisper3/FreshyCalls/RecycledGate, with most of the functionality implemented in Go assembly. acheron package can be used to add indirect syscall capabilities to your Golang tradecraft, to bypass AV/EDRs that makes use of usermode hooks and instrumentation...

7.5AI score
Exploits0References13
Kitploit
Kitploit
added 2021/07/14 12:30 p.m.197 views

Injector - Complete Arsenal Of Memory Injection And Other Techniques For Red-Teaming In Windows

Complete Arsenal of Memory injection and other techniques for red-teaming in Windows What does Injector do? Process injection support for shellcode located at remote server as well as local storage. Just specify the shellcode file and it will do the rest. It will by default inject into notepad.ex...

8.5AI score
Exploits0References1
Kitploit
Kitploit
added 2019/12/28 11:30 a.m.197 views

Top 20 Most Popular Hacking Tools in 2019

As last year, this year we made a ranking with the most popular tools between January and December 2019. Topics of the tools focus on OSINT, Information Gathering, Android Hacking Tools, Automation Tools, Phishing, among others. Without going into further details, we have prepared a useful list o...

8.5AI score
Exploits0
Kitploit
Kitploit
added 2019/11/02 12:0 p.m.197 views

Gosec - Golang Security Checker

Inspects source code for security problems by scanning the Go AST. Install CI Installation binary will be $GOPATH/bin/gosec curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s -- -b $GOPATH/bin vX.Y.Z or install it into ./bin/ curl -sfL...

7.5AI score
Exploits0References3
Kitploit
Kitploit
added 2019/09/04 1:0 p.m.197 views

Btlejack - Bluetooth Low Energy Swiss-army Knife

Btlejack provides everything you need to sniff, jam and hijack Bluetooth Low Energy devices. It relies on one or more BBC Micro:Bit. devices running a dedicated firmware. You may also want to use an Adafruit's Bluefruit LE sniffer or a nRF51822 Eval Kit, as we added support for these devices...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2019/08/04 9:38 p.m.197 views

WiFiBroot - A WiFi Pentest Cracking Tool For WPA/WPA2 (Handshake, PMKID, Cracking, EAPOL, Deauthentication)

WiFiBroot is built to provide clients all-in-one facility for cracking WiFi WPA/WPA2 networks. It heavily depends on scapy , a well-featured packet manipulation library in Python. Almost every process within is dependent somehow on scapy layers and other functions except for operating the wireles...

7.5AI score
Exploits0References1
Total number of security vulnerabilities5000