Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2020/11/19 8:30 p.m.183 views

Doctrack - Tool To Manipulate And Insert Tracking Pixels Into Office Open XML Documents (Word, Excel)

Tool to manipulate and insert tracking pixels into Office Open XML documents. Features Insert tracking pixels into Office Open XML documents Word and Excel Inject template URL for remote template injection attack Inspect external target URLs and metadata Create Office Open XML documents TODO...

7.9AI score
Exploits0References1
Kitploit
Kitploit
added 2020/11/14 11:30 a.m.183 views

Linux-Evil-Toolkit - A Framework That Aims To Centralize, Standardize And Simplify The Use Of Various Security Tools For Pentest Professionals

Linux evil toolkit is a framework that aims to centralize, standardize and simplify the use of various security tools for pentest professionals. LETK Linux evil toolkit has few simple commands, one of which is the INIT that allows you to define a target, and thus use all the tools without typing...

7.6AI score
Exploits0References1
Kitploit
Kitploit
added 2020/10/25 11:30 a.m.183 views

Manuka - A Modular OSINT Honeypot For Blue Teamers

Manuka is an Open-source intelligence OSINT honeypot that monitors reconnaissance attempts by threat actors and generates actionable intelligence for Blue Teamers. It creates a simulated environment consisting of staged OSINT sources, such as social media profiles and leaked credentials, and trac...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2019/03/31 12:30 p.m.183 views

Wireshark Cheatsheet

Wireshark, whose old name is Ethereal; It is a program that can run in many operating systems such as Windows, Linux, MacOS or Solaris and can analyze all the traffic going to network cards connected to computer. Analyze over 750 protocols Can capture packets and save them to a file. Logical...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2024/04/24 2:23 a.m.182 views

C2-Tracker - Live Feed Of C2 Servers, Tools, And Botnets

Free to use IOC feed for various tools/malware. It started out for just C2 tools but has morphed into tracking infostealers and botnets as well. It uses shodan.io/"Shodan searches to collect the IPs. The most recent collection is always stored in data; the IPs are broken down by tool and there is...

7.1AI score
Exploits0References13
Kitploit
Kitploit
added 2021/01/01 11:30 a.m.182 views

RogueWinRM - Windows Local Privilege Escalation From Service Account To System

RogueWinRM is a local privilege escalation exploit that allows to escalate from a Service account with SeImpersonatePrivilege to Local System account if WinRM service is not running default on Win10 but NOT on Windows Server 2019. Briefly, it will listen for incoming connection on port 5985 fakin...

7.8AI score
Exploits0References1
Kitploit
Kitploit
added 2019/12/12 11:27 a.m.182 views

HashCobra - Hash Cracking Tool

hashcobra Hash Cracking tool. Usage $ ./hashcobra -H --== hashcobra by sepehrdad ==-- usage: hashcobra -o options | misc options: -a - hashing algorithm default: md5 - ? to list available algorithms -c - compression algorithm default: zstd - ? to list available algorithms -h - hash to crack -r -...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2019/05/13 12:43 p.m.182 views

Pacbot - Platform For Continuous Compliance Monitoring, Compliance Reporting And Security Automation For The Cloud

Policy as Code Bot PacBot is a platform for continuous compliance monitoring, compliance reporting and security automation for the cloud. In PacBot, security and compliance policies are implemented as code. All resources discovered by PacBot are evaluated against these policies to gauge policy...

7.3AI score
Exploits0References14
Kitploit
Kitploit
added 2019/04/08 12:43 p.m.182 views

Beagle - An Incident Response And Digital Forensics Tool Which Transforms Security Logs And Data Into Graphs

Beagle is an incident response and digital forensics tool which transforms data sources and logs into graphs. Supported data sources include FireEye HX Triages, Windows EVTX files, SysMon logs and Raw Windows memory images. The resulting Graphs can be sent to graph databases such as Neo4J or...

6.6AI score
Exploits0References7
Kitploit
Kitploit
added 2019/03/29 8:12 p.m.182 views

phpMussel - PHP-based Anti-Virus Anti-Trojan Anti-Malware Solution

phpMussel is an ideal solution for shared hosting environments, where it's often not possible to utilize or install conventional anti-virus protection solutions, phpMussel is a PHP script designed to detect trojans, viruses,malware and other threats within files uploaded to your system wherever t...

7.2AI score
Exploits0References20
Kitploit
Kitploit
added 2019/03/05 12:24 p.m.182 views

UserLAnd - The Easiest Way To Run A Linux Distribution or Application on Android

The easiest way to run a Linux distribution or application on Android. Features: Run full linux distros or specific applications on top of Android. Install and uninstall like a regular app. No root required. Start using UserLAnd There are two ways to use UserLAnd: single-click apps and user-defin...

7.3AI score
Exploits0References7
Kitploit
Kitploit
added 2019/02/01 12:39 p.m.182 views

Stenographer - A Packet Capture Solution Which Aims To Quickly Spool All Packets To Disk, Then Provide Simple, Fast Access To Subsets Of Those Packets

Stenographer is a full-packet-capture utility for buffering packets to disk for intrusion detection and incident response purposes. It provides a high-performance implementation of NIC-to-disk packet writing, handles deleting those files as disk fills up, and provides methods for reading back...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2020/04/29 12:30 p.m.181 views

ROADtools - The Azure AD Exploration Framework

R ogue O ffice 365 and A zure active D irectory tools ROADtools is a framework to interact with Azure AD. It currently consists of a library roadlib and the ROADrecon Azure AD exploration tool. ROADlib ROADlib is a library that can be used to authenticate with Azure AD or to build tools that...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2020/01/26 9:0 p.m.181 views

Socialscan - Check Email Address And Username Availability On Online Platforms With 100% Accuracy

socialscan offers accurate and fast checks for email address and username usage on online platforms. Given an email address or username, socialscan returns whether it is available, taken or invalid on online platforms. Features that differentiate socialscan from similar tools e.g. knowem.com,...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2020/01/04 9:0 p.m.181 views

WindowsFirewallRuleset - Windows Firewall Ruleset Powershell Scripts

About WindowsFirewallRuleset Windows firewall rulles organized into individual powershell scripts according to: 1. Rule group 2. Traffic direction 3. IP version IPv4 / IPv6 4. Further sorted according to programs and services such as for example: 2. ICMP traffic 3. Browser rules 4. rules for...

7.5AI score
Exploits0References7
Kitploit
Kitploit
added 2019/08/08 9:15 p.m.181 views

Commando VM v2.0 - The First Full Windows-based Penetration Testing Virtual Machine Distribution

Welcome to CommandoVM - a fully customizable, Windows-based security distribution for penetration testing and red teaming. For detailed install instructions or more information please see our blog Installation Install Script Requirements Windows 7 Service Pack 1 or Windows 10 60 GB Hard Drive 2 G...

8.2AI score
Exploits0References2
Kitploit
Kitploit
added 2019/07/14 1:9 p.m.181 views

Pown-Duct - Essential Tool For Finding Blind Injection Attacks

Essential tool for finding blind injection attacks using DNS side-channels. Credits This tool is part of secapps.com open-source initiative. / | / | /\ | \ / | \ \ | / | / /\ \ |/// \| || |/ https://secapps.com NB : This tool is taking advantage of http://requestbin.net service. Future versions...

7.4AI score
Exploits0References2
Kitploit
Kitploit
added 2019/06/25 1:11 p.m.181 views

One-Lin3r v2.0 - Gives You One-Liners That Aids In Penetration Testing Operations, Privilege Escalation And More

One-Lin3r is simple modular and light-weight framework gives you all the one-liners that you will need while penetration testing Windows, Linux, macOS or even BSD systems or hacking generally with a lot of new features to make all of this fully automated ex: you won't even need to copy the...

7.8AI score
Exploits0References4
Kitploit
Kitploit
added 2019/05/18 12:59 p.m.181 views

Brutemap - Tool That Automates Testing Accounts To The Site's Login Page

Brutemap is an open source penetration testing tool that automates testing accounts to the site's login page, based on Dictionary Attack. With this, you no longer need to search for other bruteforce tools and you also no longer need to ask CMS What is this? only to find parameter forms, because...

7AI score
Exploits0References6
Kitploit
Kitploit
added 2021/07/03 12:30 p.m.180 views

GDir-Thief - Red Team Tool For Exfiltrating The Target Organization'S Google People Directory That You Have Access To, Via Google's API

Red Team tool for exfiltrating the target organization's Google People Directory that you have access to, via Google's People API. HOW TO Create a new Google Cloud Platform GCP project Steps to get the Google API Access Token needed for connecting to the API 1. Create a burner gmail/google accoun...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2020/09/26 8:30 p.m.180 views

SharpSecDump - .Net Port Of The Remote SAM + LSA Secrets Dumping Functionality Of Impacket'S Secretsdump.Py

.Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py. By default runs in the context of the current user. Please only use in environments you own or have permission to test against : Usage SharpSecDump.exe -target=192.168.1.15 -u=admin -p=Password123...

7.3AI score
Exploits0References6
Kitploit
Kitploit
added 2019/10/17 11:53 a.m.180 views

Cotopaxi - Set Of Tools For Security Testing Of Internet Of Things Devices Using Specific Network IoT Protocols

Set of tools for security testing of Internet of Things devices using protocols like: CoAP, DTLS, HTCPCP, mDNS, MQTT, SSDP. Installation: Simply clone code from git: https://github.com/Samsung/cotopaxi Requirements: Currently Cotopaxi works only with Python 2.7.x, but future versions will work al...

10CVSS9.1AI score0.05692EPSS
Exploits5References1
Kitploit
Kitploit
added 2019/08/08 1:5 p.m.181 views

Skadi - Collect, Process, And Hunt With Host Based Data From MacOS, Windows, And Linux

pronounced “SKAH-Dee”: similar to Scotty but with a d sound is a giantess and goddess of hunting in Norse mythology Purpose Skadi is a free, open source collection of tools that enables the collection, processing and advanced analysis of forensic artifacts and images. It works on MacOS, Windows,...

6.6AI score
Exploits0References11
Kitploit
Kitploit
added 2019/07/30 1:0 p.m.180 views

WeebDNS - DNS Enumeration With Asynchronicity

DNSEnumeration Tool with Asynchronicity. Features WeebDNS is an 'Asynchronous' DNS Enumeration Tool made with Python3 which makes it much faster than normal Tools. PREREQUISITES Python 3.x pip3 git PYTHON 3 PREREQUISITES aiohttp asyncio aiodns Installation Resolve dependencies Ubuntu/Debian Syste...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2019/04/15 1:7 p.m.180 views

W12Scan - A Simple Asset Discovery Engine For Cybersecurity

Chinese W12scan is a network asset discovery engine that can automatically aggregate related assets for analysis and use. Here is a web source program, but the scanning end is at w12scan-client Thinking Based on python3 + django + elasticsearch + redis and use the web restful api to add scan...

7.3AI score
Exploits0References5
Kitploit
Kitploit
added 2019/03/03 8:23 p.m.180 views

CMSeeK v1.1.1 - CMS Detection And Exploitation Suite (Scan WordPress, Joomla, Drupal And 150 Other CMSs)

What is a CMS? A content management system CMS manages the creation and modification of digital content. It typically supports multiple users in a collaborative environment. Some noteable examples are: WordPress, Joomla, Drupal etc. Release History - Version 1.1.1 01-02-2019 - Version 1.1.0...

7AI score
Exploits0References4
Kitploit
Kitploit
added 2018/03/19 9:9 p.m.180 views

Converto - Installing Kali Linux On VPS Server

Installing Kali Linux On VPS Server. Steps For Installing :- 1.sudo apt-get update 2.sudo apt-get install git 3.git clone https://github.com/developerkunal/Converto.git 4.cd Converto. 5.chmod +x converto.sh 6. ./converto.sh 7. Type 1 For Install Type 2 For Exit 8. Press 1 and Enter 9. Now choose...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2022/08/27 12:30 p.m.179 views

Rekono - Execute Full Pentesting Processes Combining Multiple Hacking Tools Automatically

Rekono combines other hacking tools and its results to execute complete pentesting processes against a target in an automated way. The findings obtained during the executions will be sent to the user via email or Telegram notifications and also can be imported in Defect-Dojo if an advanced...

7.3AI score
Exploits0References23
Kitploit
Kitploit
added 2022/06/25 12:30 p.m.179 views

Nim-Loader - WIP Shellcode Loader In Nim With EDR Evasion Techniques

a very rough work-in-progress adventure into learning nim by cobbling resources together to create a shellcode loader that implements common EDR/AV evasion techniques. This is a mess and is forresearch purposes only! Please don't expect it to compile and run without your own modifications...

7.5AI score
Exploits0References3
Kitploit
Kitploit
added 2021/04/18 12:30 p.m.179 views

HttpDoom - A Tool For Response-Based Inspection Of Websites Across A Large Amount Of Hosts For Quickly Gaining An Overview Of HTTP-based Attack Surface

Validate large HTTP-based attack surfaces in a very fast way. Heavily inspired by Aquatone. Why? When I utilize Aquatone to flyover some hosts, I have some performance issues by the screenshot feature, and the lack of extension capabilities - like validating front-end technologies with a...

6.9AI score
Exploits0References2
Kitploit
Kitploit
added 2020/05/09 10:0 p.m.179 views

GDBFrontend - An Easy, Flexible And Extensionable GUI Debugger

GDBFrontend is an easy, flexible and extensionable gui debugger. Installing Deb Package Debian / Ubuntu / KDE Neon You can install GDBFrontend via deb package for Debian-based distributions. You can install it from following commands: echo "deb trusted=yes https://oguzhaneroglu.com/deb/ ./" | sud...

7.4AI score
Exploits0References2
Kitploit
Kitploit
added 2020/03/02 12:0 p.m.179 views

BadBlood - Fills A Microsoft Active Directory Domain With A Structure And Thousands Of Objects

BadBlood by Secframe fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2019/10/10 12:0 p.m.179 views

MalConfScan - Volatility Plugin For Extracts Configuration Data Of Known Malware

MalConfScan is a Volatility plugin extracts configuration data of known malware. Volatility is an open-source memory forensics framework for incident response and malware analysis. This tool searches for malware in memory images and dumps configuration data. In addition, this tool has a function ...

7.4AI score
Exploits0References4
Kitploit
Kitploit
added 2019/07/21 9:55 p.m.179 views

SUDO_KILLER - A Tool To Identify And Exploit Sudo Rules Misconfigurations And Vulnerabilities Within Sudo

If you like the project and for my personal motivation so as to develop other tools please a +1 star SUDOKILLER SUDOKILLER is a tool which help to abuse SUDO in different ways and with the main objective of performing a privilege escalation on linux environment. The tool helps to identify...

7.6AI score
Exploits0References1
Kitploit
Kitploit
added 2019/04/06 9:12 p.m.179 views

XanXSS - A Simple XSS Finding Tool

XanXSS is a reflected XSS searching tool DOM coming soon that creates payloads based from templates. Unlike other XSS scanners that just run through a list of payloads. XanXSS tries to make the payload unidentifiable, for example: /cLIcKMe!XaNxss With XanXSS every payload is different. XanXSS wor...

6.3AI score
Exploits0References4
Kitploit
Kitploit
added 2019/01/13 12:10 p.m.179 views

Interlace - Easily Turn Single Threaded Command Line Applications Into Fast, Multi Threaded Ones With CIDR And Glob Support

Easily turn single threaded command line applications into fast, multi threaded application with CIDR and glob support. Setup Install using: $ python3 setup.py install Dependencies will then be installed and Interlace will be added to your path as interlace. Usage Argument | Description ---|--- -...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2018/09/30 9:25 p.m.179 views

Kemon - An Open-Source Pre And Post Callback-Based Framework For macOS Kernel Monitoring

An Open-Source Pre and Post Callback-Based Framework for macOS Kernel Monitoring. What is Kemon? An open-source Pre and Post callback-based framework for macOS kernel monitoring. With the power of Kemon, we can easily implement LPC communication monitoring, MAC policy filtering, kernel driver...

7.8CVSS7.8AI score0.01375EPSS
Exploits0References1
Kitploit
Kitploit
added 2022/03/18 11:30 a.m.178 views

Epagneul - Graph Visualization For Windows Event Logs

Epagneul is a tool to visualize and investigatewindows event logs. Deployment Requires docker and docker-compose to be installed. Installing make Offline deployment On a machine connected to internet, build an offline release: make release This will create a release folder containing ready to go...

7.4AI score
Exploits0References6
Kitploit
Kitploit
added 2021/03/01 11:30 a.m.178 views

StandIn - A Small .NET35/45 AD Post-Exploitation Toolkit

StandIn is a small AD post-compromise toolkit. StandIn came about because recently at xforcered we needed a .NET native solution to perform resource based constrained delegation. However, StandIn quickly ballooned to include a number of comfort features. I want to continue developing StandIn to...

6.7AI score
Exploits0References28
Kitploit
Kitploit
added 2019/03/30 12:9 p.m.178 views

Just-Metadata - Tool That Gathers And Analyzes Metadata About IP Addresses

Just-Metadata is a tool that can be used to gather intelligence information passively about a large number of IP addresses, and attempt to extrapolate relationships that might not otherwise be seen. Just-Metadata has "gather" modules which are used to gather metadata about IPs loaded into the...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2019/02/20 12:30 p.m.178 views

OSINT-SPY - Search using OSINT (Open Source Intelligence)

Performs OSINT scan on email/domain/ipaddress/organization using OSINT-SPY. It can be used by Data Miners, Infosec Researchers, Penetration Testers and cyber crime investigator in order to find deep information about their target. OSINT-SPY Documentation beta File Name : README Author : @sksecuri...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2019/02/03 8:31 p.m.178 views

Fwknop - Single Packet Authorization & Port Knocking

fwknop implements an authorization scheme known as Single Packet Authorization SPA for strong service concealment. SPA requires only a single packet which is encrypted, non-replayable, and authenticated via an HMAC in order to communicate desired access to a service that is hidden behind a firewa...

8AI score
Exploits0References7
Kitploit
Kitploit
added 2019/01/27 8:44 p.m.178 views

Sn0Int - Semi-automatic OSINT Framework And Package Manager

sn0int is a semi-automatic OSINT framework and package manager. It was built for IT security professionals and bug hunters to gather intelligence about a given target or about yourself. sn0int is enumerating attack surface by semi-automatically processing public information and mapping the result...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2019/01/05 12:59 p.m.178 views

JSShell - An Interactive Multi-User Web JS Shell

An interactive multi-user web based javascript shell. It was initially created in order to debug remote esoteric browsers during experiments and research. This tool can be easily attached to XSS Cross Site Scripting payload to achieve browser remote code execution similar to the BeeF framework...

7.6AI score
Exploits0References3
Kitploit
Kitploit
added 2023/11/01 11:30 a.m.177 views

Cve-Collector - Simple Latest CVE Collector

Simple Latest CVE Collector Written in Python There are various methods for collecting the latest CVE Common Vulnerabilities and Exposures information. This code was created to provide guidance on how to collect, what information to include, and how to code when creating a CVE collector. The code...

9.8CVSS8.2AI score0.009EPSS
Exploits9References1
Kitploit
Kitploit
added 2023/07/10 12:30 p.m.177 views

WPAxFuzz - A Full-Featured Open-Source Wi-Fi Fuzzer

This tool is capable of fuzzing either any management, control or data frame of the 802.11 protocol or the SAE exchange. For the management, control or data frames, you can choose either the "standard" mode where all of the frames transmitted have valid size values or the "random" mode where the...

7.5CVSS6.9AI score0.02686EPSS
Exploits0References4
Kitploit
Kitploit
added 2021/07/26 12:30 p.m.177 views

Juumla - Tool Designed To Identify And Scan For Version, Config Files In The CMS Joomla!

Juumla is a python tool developed to identify the current Joomla version and scan for readable Joomla config files. Installing / Getting started A quick guide of how to install and use Juumla. 1. Clone the repository - git clone https://github.com/oppsec/juumla.git 2. Install the libraries - pip3...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2020/10/26 11:30 a.m.177 views

Decoder++ - An Extensible Application For Penetration Testers And Software Developers To Decode/Encode Data Into Various Formats

An extensible application for penetration testers and software developers to decode/encode data into various formats. Setup Decoder++ can be either installed by using pip or by pulling the source from this repository: Install using pip pip3 install decoder-plus-plus Overview This section provides...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2020/09/11 11:30 a.m.177 views

Avcleaner - C/C++ Source Obfuscator For Antivirus Bypass

C/C++ source obfuscator for antivirus bypass. Build docker build . -t avcleaner docker run -v /dev/scrt/avcleaner:/home/toto -it avcleaner bash adapt /dev/scrt/avcleaner to the path where you cloned avcleaner sudo pacman -Syu mkdir CMakeBuild && cd CMakeBuild cmake .. make -j 2 ./avcleaner.bin...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2019/07/18 1:9 p.m.177 views

Detect It Easy - Program For Determining Types Of Files For Windows, Linux And MacOS

Detect It Easy, or abbreviated "DIE" is a program for determining types of files. "DIE" is a cross-platform application, apart from Windows version there are also available versions for Linux and Mac OS. Many programs of the kind PEID, PE tools allow to use third-party signatures. Unfortunately,...

7AI score
Exploits0References1
Total number of security vulnerabilities5000