Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2019/07/18 1:9 p.m.177 views

Detect It Easy - Program For Determining Types Of Files For Windows, Linux And MacOS

Detect It Easy, or abbreviated "DIE" is a program for determining types of files. "DIE" is a cross-platform application, apart from Windows version there are also available versions for Linux and Mac OS. Many programs of the kind PEID, PE tools allow to use third-party signatures. Unfortunately,...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2019/05/28 9:49 p.m.177 views

Kubolt - Utility For Scanning Public Kubernetes Clusters

Kubolt is a simple utility for scanning public unauthinticated kubernetes clusters and run commands inside containers. Why? Sometimes, the kubelet port 10250 is open to unauthorized access and makes it possible to run commands inside the containers using getrun function from kubelet: // getRun...

7.5AI score
Exploits0References3
Kitploit
Kitploit
added 2019/01/26 12:38 p.m.177 views

Sh00T - A Testing Environment for Manual Security Testers

A Testing Environment for Manual Security Testers. Sh00t is a task manager to let you focus on performing security testing provides To Do checklists of test cases helps to create bug reports with customizable bug templates Features: Dynamic Task Manager to replace simple editors or task managemen...

7.4AI score
Exploits0References3
Kitploit
Kitploit
added 2018/09/04 1:7 p.m.177 views

Datasploit - An OSINT Framework To Perform Various Recon Techniques On Companies, People, Phone Number, Bitcoin Addresses, Etc., Aggregate All The Raw Data, And Give Data In Multiple Formats

Overview of the tool: Performs OSINT on a domain/email/username/phone and find out information from different sources. Correlate and collaborate the results, show them in a consolidated manner. Tries to find out credentials, api-keys, tokens, subdomains, domain history, legacy portals, etc. relat...

7.2AI score
Exploits0References5
Kitploit
Kitploit
added 2016/06/22 10:42 p.m.177 views

SimpleEmailSpoofer - A simple Python CLI to Spoof Emails (SPF/DMARC checking)

A few Python programs designed to help penetration testers with email spoofing. SimpleEmailSpoofer.py A program that spoofs emails. Currently in development spoofcheck.py A program that checks if a domain can be spoofed from. The program checks SPF and DMARC records for weak configurations that...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2021/02/18 8:30 p.m.176 views

WireBug - A Toolset For Voice-over-IP Penetration Testing

WireBug is a tool set for Voice-over-IP penetration testing. It is designed as a wizard which makes it easy to use. The tools are build for single using too, so every tool is its own python or bash program. Installation Install the dependencies in requirements.txt and the python dependencies in...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2020/02/14 8:55 p.m.176 views

BurpSuite Random User-Agents - Burp Suite Extension For Generate A Random User-Agents

A Burp Suite extension to help pentesters to generate a random user-agent. This extension has been developed by M'hamed @m4ll0k Outaadi. Installation Download a jar file in release or compile the java code: $ git clone https://github.com/m4ll0k/BurpSuite-RandomUserAgent.git random-useragents $ cd...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2019/09/22 8:53 p.m.176 views

ArmourBird CSF - Container Security Framework

ArmourBird CSF - Container Security Framework is an extensible, modular, API-first framework build for regular security monitoring of docker installations and containers against CIS and other custom security checks. ArmourBird CSF has a client-server architecture and is thus divided into two...

7.5AI score
Exploits0References4
Kitploit
Kitploit
added 2019/03/27 8:53 p.m.176 views

Flightsim - A Utility To Generate Malicious Network Traffic And Evaluate Controls

flightsim is a lightweight utility used to generate malicious network traffic and help security teams to evaluate security controls and network visibility. The tool performs tests to simulate DNS tunneling, DGA traffic, requests to known active C2 destinations, and other suspicious traffic...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2019/03/18 12:11 p.m.176 views

DOGE - Darknet Osint Graph Explorer

DOGE Darknet Osint Graph Explorer Still in dev, works right. You should use this in addtion to Darknet OSINT Transform Pay attention here Query prototype: SELECT DISTINCT customcolumnname AS input, anothercustomname AS output FROM sometable, obviously you can add other options as WHERE, ORDER BY,...

7.2AI score
Exploits0References4
Kitploit
Kitploit
added 2017/12/29 9:33 p.m.176 views

Fsociety Hacking Tools Pack - A Penetration Testing Framework

A Penetration Testing Framework , you will have evry script that a hacker needs Menu Information Gathering Password Attacks Wireless Testing Exploitation Tools Sniffing & Spoofing Web Hacking Private Web Hacking Post Exploitation INSTALL & UPDATE InformationGathering : Nmap Setoolkit Port Scannin...

7.8AI score
Exploits0References3
Kitploit
Kitploit
added 2024/09/22 11:30 a.m.175 views

Secator - The Pentester'S Swiss Knife

secator is a task and workflow runner used for security assessments. It supports dozens of well-known security tools and it is designed to improve productivity for pentesters and security researchers. Features Curated list of commands Unified input options Unified output schema CLI and library...

6.6AI score
Exploits0References23
Kitploit
Kitploit
added 2019/06/16 10:16 p.m.175 views

Quarantyne - Modern Web Firewall: Stop Account Takeovers, Weak Passwords, Cloud IPs, DoS Attacks, Disposable Emails

Automated web security made simple Quarantyne is a reverse-proxy that protects web applications and APIs from fraudulent behavior, misuse, bots and cyber-attacks in real-time. Requirements Java 8 Presentation Quarantyne is a reverse-proxy written in java. It fronts a web application or API and...

7.7AI score
Exploits0References5
Kitploit
Kitploit
added 2019/01/26 8:37 p.m.175 views

identYwaf - Blind WAF Identification Tool

identYwaf is an identification tool that can recognize web protection type i.e. WAF based on blind inference. Blind inference is being done by inspecting responses provoked by a set of predefined offensive non-destructive payloads, where those are used only to trigger the web protection system in...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2018/08/04 1:20 p.m.175 views

CertCrunchy - Just A Silly Recon Tool That Uses Data From SSL Certificates To Find Potential Host Names

It just a silly python script that either retrieves SSL Certificate based data from online sources, currently https://crt.sh/, https://certdb.com/, https://sslmate.com/certspotter/ and https://censys.io or given a IP range it will attempt to extract host information from SSL Certificates. If you...

6.8AI score
Exploits0References1
Kitploit
Kitploit
added 2018/01/06 1:18 p.m.175 views

RetDec - A Retargetable Machine-Code Decompiler

RetDec is a retargetable machine-code decompiler based on LLVM. The decompiler is not limited to any particular target architecture, operating system, or executable file format: Supported file formats: ELF, PE, Mach-O, COFF, AR archive, Intel HEX, and raw machine code. Supported architectures 32b...

6.6AI score
Exploits0References11
Kitploit
Kitploit
added 2014/02/04 7:10 p.m.175 views

Exploit Linux 3.4+ Local Root (CONFIG_X86_X32=y)

OSVDB-ID: 2014-0038 Author: rebel Published: 2014-02-02 / ============================== recvmmsg.c - linux 3.4+ local root CONFIGX86X32=y CVE-2014-0038 / x32 ABI with recvmmsg by rebel @ irc.smashthestack.org ----------------------------------- takes about 13 minutes to run because timeout-tvsec...

6.9CVSS6.1AI score0.34649EPSS
Exploits16
Kitploit
Kitploit
added 2025/04/10 12:30 p.m.174 views

Moukthar - Android Remote Administration Tool

Remote adminitration tool for android Features Permissions bypass android 12 below https://youtube.com/shorts/-w8H0lkFxb0 Keylogger https://youtube.com/shorts/Ll9dNrkjFOA Notifications listener SMS listener Phone call recording Image capturing and screenshots Video recording Persistence Read &...

7.6AI score
Exploits0References1
Kitploit
Kitploit
added 2024/06/26 12:30 p.m.174 views

Ashok - A OSINT Recon Tool, A.K.A Swiss Army Knife

Reconnaissance is the first phase of penetration testing which means gathering information before any real attacks are planned So Ashok is an Incredible fast recon tool for penetration tester which is specially designed for Reconnaissance" title="Reconnaissance"Reconnaissance phase. And in...

7AI score
Exploits0References12
Kitploit
Kitploit
added 2020/06/20 12:30 p.m.174 views

Iox - Tool For Port Forward &Amp; Intranet Proxy

Tool for port forward & intranet proxy, just like lcx/ew, but better Why write? lcx and ew are awesome, but can be improved. when I first used them, I can't remember these complicated parameters for a long time, such as tran, slave, rcsocks, sssocks.... The work mode is clear, why do they design...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2020/05/10 9:30 p.m.174 views

PayloadsAllTheThings - A List Of Useful Payloads And Bypass For Web Application Security And Pentest/CTF

A list of useful payloads and bypasses for Web Application Security. Feel free to improve with your payloads and techniques ! Every section contains the following files, you can use the templatevuln folder to create a new chapter: README.md - vulnerability description and how to exploit it Intrud...

7.3AI score
Exploits0References23
Kitploit
Kitploit
added 2020/03/25 8:30 p.m.174 views

Katana - A Python Tool For Google Hacking

Katana-ds ds for dorkscanner is a simple python tool that automates Google Hacking/Dorking and support Tor It becomes more powerful in combination with GHDB Installation : Use the package manager pip to install requirements cd Katana python3 pip install -r requirments python3 katana-ds.py Tested...

7.1AI score
Exploits0References4
Kitploit
Kitploit
added 2019/09/19 12:17 p.m.174 views

Dolos Cloak - Automated 802.1X Bypass

Dolos Cloak is a python script designed to help network penetration testers and red teamers bypass 802.1x solutions by using an advanced man-in-the-middle attack. The tool is able to piggyback on the wired connection of a victim device that is already allowed on the target network without kicking...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2019/02/17 12:45 p.m.174 views

TROMMEL - Sift Through Embedded Device Files To Identify Potential Vulnerable Indicators

TROMMEL sifts through embedded device files to identify potential vulnerable indicators. TROMMEL identifies the following indicators related to: Secure Shell SSH key files Secure Socket Layer SSL key files Internet Protocol IP addresses Uniform Resource Locator URL email addresses shell scripts w...

7AI score
Exploits0References2
Kitploit
Kitploit
added 2019/02/05 8:26 p.m.174 views

Bscan - An Asynchronous Target Enumeration Tool

Synopsis bscan is a command-line utility to perform active information gathering and service enumeration. At its core, bscan asynchronously spawns processes of well-known scanning utilities, repurposing scan results into highlighted console output and a well-defined directory structure...

7.3AI score
Exploits0References8
Kitploit
Kitploit
added 2012/11/04 6:50 p.m.174 views

[Cookie Cadger] v.0.9

An auditing tool for Wi-Fi or wired Ethernet connections Cookie Cadger helps identify information leakage from applications that utilize insecure HTTP GET requests. Cookie Cadger works on Windows, Linux, or Mac, and requires Java 7. Using Cookie Cadger requires having “tshark” – a utility which i...

7AI score
Exploits0
Kitploit
Kitploit
added 2021/02/06 8:30 p.m.173 views

ExecuteAssembly - Load/Inject .NET Assemblies

ExecuteAssembly is an alternative of CS execute-assembly, built with C/C++ and it can be used to Load/Inject .NET assemblies by; reusing the host spawnto process loaded CLR Modules/AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI,...

7AI score
Exploits0References8
Kitploit
Kitploit
added 2020/04/30 12:30 p.m.173 views

Runtime Mobile Security (RMS) - A Powerful Web Interface That Helps You To Manipulate Android Java Classes And Methods At Runtime

Runtime Mobile Security RMS , powered by FRIDA, is a powerful web interface that helps you to manipulate Android Java Classes and Methods at Runtime. You can easily dump all the loaded classes and relative methods, hook everything on the fly, trace methods args and return value, load custom scrip...

7.3AI score
Exploits0References6
Kitploit
Kitploit
added 2020/02/28 8:30 p.m.173 views

Polyshell - A Bash/Batch/PowerShell Polyglot!

PolyShell is a script that's simultaneously valid in Bash, Windows Batch, and PowerShell i.e. a polyglot. This makes PolyShell a useful template for penetration testing as it can be executed on most systems without the need for target-specific payloads. PolyShell is also specifically designed to ...

7.6AI score
Exploits0References1
Kitploit
Kitploit
added 2019/09/27 12:0 p.m.173 views

Rebel-Framework - Advanced And Easy To Use Penetration Testing Framework

Automate the automation START git clone https://github.com/rebellionil/rebel-framework.git cd rebel-framework bash setup.sh bash rebel.sh MODULES SCREENSHOTS DEMOS !https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsE...

7.4AI score
Exploits0References13
Kitploit
Kitploit
added 2019/06/24 10:19 p.m.173 views

RedGhost - Linux Post Exploitation Framework Designed To Gain Persistence And Reconnaissance And Leave No Trace

Linux post exploitation framework designed to assist red teams in gaining persistence, reconnaissance and leaving no trace. Payloads Function to generate various encoded reverse shells in netcat, bash, python, php, ruby, perl Crontab Function to create cron job that downloads and runs payload eve...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2018/10/14 9:56 p.m.173 views

Auto-Root-Exploit - Auto Root Exploit Tool

Auto Root Exploit Tool Author : Nilotpal Biswas Facebook : https://www.facebook.com/nilotpal.biswas.73 Twitter : https://twitter.com/nilotpalhacker USAGE : for kernel version 2.6 all bash autoroot.sh 2 for kernel version 3 all bash autoroot.sh 3 for kernel version 4 all bash autoroot.sh 4 for...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2017/07/21 2:30 p.m.173 views

Prowler - Tool for AWS Security Assessment, Auditing And Hardening

Tool based on AWS-CLI commands for AWS account security assessment and hardening, following guidelines of the CIS Amazon Web Services Foundations Benchmark 1.1 Features It covers hardening and security best practices for all AWS regions related to: Identity and Access Management 24 checks Logging...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2021/05/02 9:30 p.m.172 views

WinPmem - The Multi-Platform Memory Acquisition Tool

The WinPmem memory acquisition driver and userspace WinPmem has been the default open source memory acquisition driver for windows for a long time. It used to live in the Rekall project, but has recently been separated into its own repository. Copyright This code was originally developed within...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2020/05/07 9:30 p.m.172 views

PowerSploit - A PowerShell Post-Exploitation Framework

PowerSploit is a collection of Microsoft PowerShell modules that can be used to aid penetration testers during all phases of an assessment. PowerSploit is comprised of the following modules and scripts: CodeExecution Execute code on a target machine. Invoke-DllInjection Injects a Dll into the...

7.6AI score
Exploits0References1
Kitploit
Kitploit
added 2014/01/25 8:14 p.m.172 views

[Netsparker v3.2] Web Application Security Scanner

Netsparker can crawl, attack and identify vulnerabilities in all custom web applications regardless of the platform and the technology they are built on, just like an actual attacker. It can identify web application vulnerabilities like SQL Injection, Cross-site Scripting XSS, Remote Code Executi...

8.6AI score
Exploits0
Kitploit
Kitploit
added 2021/07/04 9:30 p.m.171 views

Scour - AWS Exploitation Framework

Scour is a modern module based AWS exploitation framework written in golang, designed for red team testing and blue team analysis. Scour contains modern techniques that can be used to attack environments or build detections for defense. Features Command Completion Dynamic resource listing Command...

7.9AI score
Exploits0References11
Kitploit
Kitploit
added 2019/11/28 8:33 p.m.171 views

Netstat2Neo4J - Create Cypher Create Statements For Neo4J Out Of Netstat Files From Multiple Machines

Graphs help to spot anomalies and patterns in large datasets. This script takes netstat information from multiple hosts and formats them in a way to make them importable into Neo4j. Neo4j can be queried for find connections to certain hosts, from certain hosts, find out the usage or protocols and...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2019/10/18 12:30 p.m.171 views

XMLRPC Bruteforcer - An XMLRPC Brute Forcer Targeting Wordpress

An XMLRPC brute forcer targeting Wordpress written in Python 3. In the context of xmlrpc brute forcing, its faster than Hydra and WpScan. It can brute force 1000 passwords per second. Usage python3 xmlrcpbruteforce.py http://wordpress.org/xmlrpc.php passwords.txt username python3...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2019/07/21 1:30 p.m.171 views

Hvazard - Remove Short Passwords & Duplicates, Change Lowercase To Uppercase & Reverse, Combine Wordlists!

Remove short passwords & duplicates, change lowercase to uppercase & reverse, combine wordlists! Manual & explaination -d --dict Specifies the file you want to modify. This is the only parameter / argument that is not optional. -o --out The output filename optional. Default is out.txt. -s --short...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2019/07/10 10:15 p.m.171 views

Cloud Security Audit - A Command Line Security Audit Tool For Amazon Web Services

A command line security audit tool for Amazon Web Services About Cloud Security Audit is a command line tool that scans for vulnerabilities in your AWS Account. In easy way you will be able to identify unsecure parts of your infrastructure and prepare your AWS account for security audit...

7AI score
Exploits0References7
Kitploit
Kitploit
added 2019/05/05 12:58 p.m.171 views

Joy - A Package For Capturing And Analyzing Network Flow Data And Intraflow Data, For Network Research, Forensics, And Security Monitoring

Joy is a BSD-licensed libpcap-based software package for extracting data features from live network traffic or packet capture pcap files, using a flow-oriented model similar to that of IPFIX or Netflow, and then representing these data features in JSON. It also contains analysis tools that can be...

6.8AI score
Exploits0References5
Kitploit
Kitploit
added 2019/01/31 8:42 p.m.171 views

Fierce - Semi-Lightweight Scanner That Helps Locate Non-Contiguous IP Space And Hostnames Against Specified Domains

Fierce is a semi-lightweight scanner that helps locate non-contiguous IP space and hostnames against specified domains. It's really meant as a pre-cursor to nmap, unicornscan, nessus, nikto, etc, since all of those require that you already know what IP space you are looking for. This does not...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2018/12/08 12:32 p.m.171 views

Tcpreplay - Pcap Editing And Replay Tools For *NIX And Windows

Tcpreplay is a suite of GPLv3 licensed utilities for UNIX and Win32 under Cygwin operating systems for editing and replaying network traffic which was previously captured by tools like tcpdump and Ethereal/Wireshark. It allows you to classify traffic as client or server, rewrite Layer 2, 3 and 4...

7.2AI score
Exploits0References10
Kitploit
Kitploit
added 2018/09/23 12:44 p.m.171 views

Nmap Bootstrap XSL - A Nmap XSL Implementation With Bootstrap

A Nmap XSL implementation with Bootstrap. How to use Add the nmap-bootstrap.xsl as stylesheet to your Nmap scan. For example: nmap -sS -T4 -A -sC -oA scanme --stylesheet https://raw.githubusercontent.com/honze-net/nmap-bootstrap-xsl/master/nmap-bootstrap.xsl scanme.nmap.org scanme2.nmap.org Open...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2017/02/19 1:42 p.m.171 views

Dr0p1t-Framework - A Framework That Creates An Advanced FUD Dropper With Some Tricks

Have you ever heard about trojan droppers ? you can read about them from here . Dr0p1t let you create dropper like any tool but this time FUD with some tricks ; Features Works with Windows and Linux Adding malware after downloading it to startup Adding malware after downloading it to task schedul...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2020/01/31 8:30 p.m.170 views

RiskAssessmentFramework - Static Application Security Testing

The OWASP Risk Assessment Framework consist of Static application security testing and Risk Assessment tools, Eventhough there are many SAST tools available for testers, but the compatibility and the Environement setup process is complex. By using OWASP Risk Assessment Framework's Static...

7.8AI score
Exploits0References6
Kitploit
Kitploit
added 2019/12/26 8:46 p.m.170 views

nmapAutomator - Tool To Automate All Of The Process Of Recon/Enumeration

nmapAutomator A script that you can run in the background! Summary The main goal for this script is to automate all of the process of recon/enumeration that is run every time, and instead focus our attention on real pen testing. This will ensure two things: 1 Automate nmap scans. 2 Always have so...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2019/10/12 8:30 p.m.170 views

Tylium - Primary Data Pipelines For Intrusion Detection, Security Analytics And Threat Hunting

These files contain configuration for producing EDR endpoint detection and response data in addition to standard system logs. These configurations enable the production of these data streams using F/OSS free and / or open source tooling. The F/OSS tools consist of Auditd for Linux; Sysmon for...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2019/05/16 1:0 p.m.170 views

SecurityRAT - Tool For Handling Security Requirements In Development

OWASP Security RAT Requirement Automation Tool is a tool supposed to assist with the problem of addressing security requirements during application development. The typical use case is: specify parameters of the software artifact you're developing based on this information, list of common securit...

7.3AI score
Exploits0References2
Total number of security vulnerabilities5000