Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
•added 2018/12/22 1:10 p.m.•170 views

SharpWeb - .NET 2.0 CLR Project To Retrieve Saved Browser Credentials From Google Chrome, Mozilla Firefox And Microsoft Internet Explorer/Edge

SharpWeb is a .NET 2.0 CLR compliant project that can retrieve saved logins from Google Chrome, Firefox, Internet Explorer and Microsoft Edge. In the future, this project will be expanded upon to retrieve Cookies and History items from these browsers. Usage Usage: .\SharpWeb.exe arg0 arg1 arg2...

7.1AI score
Exploits0References3
Kitploit
Kitploit
•added 2014/07/24 2:8 a.m.•170 views

aNmap - Android Network Mapper (Nmap for Android)

Nmap is one of the most improtant tools for every cracker white, grey black hat "hacker". Nmap is a legendary hack tool and probably the prevelent networt security port scanner tool over the last 10 years on all major Operating Systems. So far it was available in windows, linux and Mac OS X. But...

7.6AI score
Exploits0
Kitploit
Kitploit
•added 2021/02/13 11:30 a.m.•169 views

Darkdump - Search The Deep Web Straight From Your Terminal

Darkdump is a simple script written in Python3.9 in which it allows users to enter a search term query in the command line and darkdump will pull all the deep web sites relating to that query. Darkdump wraps up the darksearch.io API. Installation 1. git clone https://github.com/josh0xA/darkdump 2...

7.3AI score
Exploits0References1
Kitploit
Kitploit
•added 2019/05/16 1:0 p.m.•169 views

SecurityRAT - Tool For Handling Security Requirements In Development

OWASP Security RAT Requirement Automation Tool is a tool supposed to assist with the problem of addressing security requirements during application development. The typical use case is: specify parameters of the software artifact you're developing based on this information, list of common securit...

7.3AI score
Exploits0References2
Kitploit
Kitploit
•added 2018/08/08 1:39 p.m.•169 views

Hcxdumptool - Small Tool To Capture Packets From Wlan Devices

Small tool to capture packets from wlan devices. After capturing, upload the "uncleaned" cap here https://wpa-sec.stanev.org/?submit to see if your ap or the client is vulnerable by using common wordlists. Convert the cap to hccapx and/or to WPA-PMKID-PBKDF2 hashline 16800 with hcxpcaptool hcxtoo...

7.2AI score
Exploits0References1
Kitploit
Kitploit
•added 2016/08/13 3:30 p.m.•169 views

OpenStego - Steganography Application (Data Hiding and Watermarking)

OpenStego is a steganography application that provides two functionalities: 1. Data Hiding: It can hide any data within a cover file e.g. images. 2. Watermarking: Watermarking files e.g. images with an invisible signature. It can be used to detect unauthorized file copying. Usage For GUI: java -j...

7.3AI score
Exploits0References1
Kitploit
Kitploit
•added 2020/12/04 11:30 a.m.•168 views

Enum4Linux-Ng - A Next Generation Version Of Enum4Linux (A Windows/Samba Enumeration Tool) With Additional Features Like JSON/YAML Export

enum4linux-ng.py is a rewrite of Mark Lowe's former Portcullis Labs now Cisco CX Security Labs enum4linux.pl, a tool for enumerating information from Windows and Samba systems, aimed for security professionals and CTF players. The tool is mainly a wrapper around the Samba tools nmblookup, net,...

7.4AI score
Exploits0References6
Kitploit
Kitploit
•added 2020/11/18 8:30 p.m.•168 views

Teler - Real-time HTTP Intrusion Detection

teler is an real-time intrusion detection and threat alert based on web log that runs in a terminal with resources that we collect and provide by the community. Features Real-time : Analyze logs and identify suspicious activity in real-time. Alerting : teler provides alerting when a threat is...

7.2AI score
Exploits0References6
Kitploit
Kitploit
•added 2020/09/16 8:30 p.m.•168 views

AES Finder - Utility To Find AES Keys In Running Processes

Utility to find AES keys in running process memory. Works for 128, 192 and 256-bit keys. Usage Open aes-finder.sln solution in Visual Studio 2013 to compile source. Alternatively use gcc/clang: g++ -O3 -march=native -fomit-frame-pointer aes-finder.cpp -o aes-finder To search for keys in process...

7.3AI score
Exploits0References1
Kitploit
Kitploit
•added 2019/06/14 1:9 p.m.•168 views

Rustbuster - DirBuster For Rust

DirBuster for Rust. Usage There are three modules currently implemented: 1. Dirbuster default rustbuster -m dir -u http://localhost:3000/ -w examples/wordlist -e php 2. Dnsbuster rustbuster -m dns -u google.com -w examples/wordlist 3. Vhostbuster rustbuster -m vhost -u http://localhost:3000/ -w...

7.3AI score
Exploits0References1
Kitploit
Kitploit
•added 2019/01/27 12:48 p.m.•168 views

FTW - Framework For Testing WAFs

This project was created by researchers from ModSecurity and Fastly to help provide rigorous tests for WAF rules. It uses the OWASP Core Ruleset V3 as a baseline to test rules on a WAF. Each rule from the ruleset is loaded into a YAML file that issues HTTP requests that will trigger these rules...

7.6AI score
Exploits0References3
Kitploit
Kitploit
•added 2019/01/06 1:32 p.m.•168 views

Shodanploit - Shodan Command Line Interface Written In Python

Shodan is a search engine on the internet where you can find interesting things all over the world. For example, we can find cameras, bitcoin streams, zombie computers, ports with weakness in service, SCADA systems, and more. Moreover, more specific searches are possible. As a result of the searc...

6.9AI score
Exploits0References1
Kitploit
Kitploit
•added 2015/04/19 2:57 p.m.•168 views

Watcher v1.5.8 - Web Security Testing Tool and Passive Vulnerability Scanner

Watcher is a runtime passive-analysis tool for HTTP-based Web applications. Being passive means it won't damage production systems, it's completely safe to use in Cloud computing, shared hosting, and dedicated hosting environments. Watcher detects Web-application security issues as well as...

6.8AI score
Exploits0
Kitploit
Kitploit
•added 2023/02/11 11:30 a.m.•167 views

Powershell-Backdoor-Generator - Obfuscated Powershell Reverse Backdoor With Flipper Zero And USB Rubber Ducky Payloads

Reverse backdoor written in Powershell and obfuscated with Python. Allowing the backdoor to have a new signature after every run. Also can generate auto run scripts for Flipper Zero and USB Rubber Ducky. usage: listen.py -h --ip-address IPADDRESS --port PORT --random --out OUT --verbose --delay...

7.5AI score
Exploits0References1
Kitploit
Kitploit
•added 2022/04/16 12:30 p.m.•167 views

EDRSandblast - Tool That Weaponize A Vulnerable Signed Driver To Bypass EDR Detections And LSASS Protections

EDRSandBlast is a tool written in C that weaponize a vulnerable signed driver to bypass EDR detections Kernel callbacks and ETW TI provider and LSASS protections. Multiple userland unhooking techniques are also implemented to evade userland monitoring. As of release, combination of userland...

7.8CVSS7.6AI score0.18188EPSS
Exploits5References8
Kitploit
Kitploit
•added 2020/11/21 11:30 a.m.•167 views

Routopsy - A Toolkit Built To Attack Often Overlooked Networking Protocols

Routopsy is a toolkit built to attack often overlooked networking protocols. Routopsy currently supports attacks against Dynamic Routing Protocols DRP and First-Hop Redundancy Protocols FHRP. Most of the attacks currently implemented make use of a weaponised 'virtual router' as opposed to...

7AI score
Exploits0References2
Kitploit
Kitploit
•added 2019/11/29 11:30 a.m.•167 views

BaseQuery - A Way To Organize Public Combo-Lists And Leaks In A Way That You Can Easily Search Through Everything

Your private data is being traded and sold all over the internet as we speak. Tons of leaks come out on a daily basis which can make you feel powerless. The majority of user-passwords and other sensitive information have been posted somewhere on the internet/darknet for any prying eyes to see,...

7.1AI score
Exploits0References2
Kitploit
Kitploit
•added 2019/09/28 9:30 p.m.•167 views

SecurityNotFound - 404 Page Not Found Webshell

Clone me! Clone or download the project: git clone https://github.com/CosasDePuma/SecurityNotFound.git SecurityNotFound cd SecurityNotFound "Installation" The src/404.php file should be located on the target server. That server must have the ability to execute .php files. Here is an example of so...

7.5AI score
Exploits0References3
Kitploit
Kitploit
•added 2019/04/06 12:49 p.m.•167 views

Pyrit - The Famous WPA Precomputed Cracker

Pyrit allows you to create massive databases of pre-computed WPA/WPA2-PSK authentication phase in a space-time-tradeoff. By using the computational power of Multi-Core CPUs and other platforms through ATI-Stream,Nvidia CUDA and OpenCL, it is currently by far the most powerful attack against one o...

7.2AI score
Exploits0References6
Kitploit
Kitploit
•added 2019/01/14 8:39 p.m.•167 views

Pe-Sieve - Recognizes And Dumps A Variety Of Potentially Malicious Implants (Replaced/Injected PEs, Shellcodes, Hooks, In-Memory Patches)

PE-sieve is a light-weight tool that helps to detect malware running on the system, as well as to collect the potentially malicious material for further analysis. Recognizes and dumps variety of implants within the scanned process: replaced/injected PEs, shellcodes, hooks, and other in-memory...

7.2AI score
Exploits0References3
Kitploit
Kitploit
•added 2017/10/28 1:30 p.m.•167 views

Nikto v2.1.6 - Web Server Scanner

Nikto is an Open Source GPL web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks...

8.7AI score
Exploits0References1
Kitploit
Kitploit
•added 2019/05/29 10:4 p.m.•166 views

Wpbullet - A Static Code Analysis For WordPress (And PHP)

A static code analysis for WordPress Plugins/Themes and PHP Installation Simply clone the repository, install requirements and run the script $ git clone https://github.com/webarx-security/wpbullet wpbullet $ cd wpbullet $ pip install -r requirements.txt $ python wpbullet.py Usage Available...

7.4AI score
Exploits0References1
Kitploit
Kitploit
•added 2018/03/23 8:46 p.m.•166 views

iCloudBrutter - AppleID Bruteforce

iCloudBrutter is a simple python 3.x script to perform basic bruteforce attack againts AppleID. Usage of iCloudBrutter for attacking targets without prior mutual consent is illegal. iCloudBrutter developer not responsible to any damage caused by iCloudBrutter. Installation $ git clone...

7.2AI score
Exploits0References1
Kitploit
Kitploit
•added 2020/05/19 9:30 p.m.•165 views

Self-XSS - Self-XSS Attack Using Bit.Ly To Grab Cookies Tricking Users Into Running Malicious Code

Self-XSS attack using bit.ly to grab cookies tricking users into running malicious code How it works? Self-XSS is a social engineering attack used to gain control of victims' web accounts by tricking users into copying and pasting malicious content into their browsers. Since Web browser vendors a...

7.7AI score
Exploits0References1
Kitploit
Kitploit
•added 2020/05/06 12:30 p.m.•165 views

TorghostNG - Make All Your Internet Traffic Anonymized Through Tor Network

TorghostNG is a tool that make all your internet traffic anonymized through Tor network. Rewritten from TorGhost with Python 3. TorghostNG was tested on: Kali Linux Manjaro ... Before you use TorghostNG For the goodness of Tor network, BitTorrent traffic will be blocked by iptables. Although you...

7.7AI score
Exploits0References2
Kitploit
Kitploit
•added 2019/10/08 8:30 p.m.•165 views

Maryam - Open-source intelligence (OSINT) Framework

Maryam is a full-featured open-source intelligenceOSINT framework written in Python. Complete with independent modules, built in functions, interactive help, and command completion, provides a command-line environment for used forensic and open-source intelligenceOSINT. Maryam is a completely...

7.4AI score
Exploits0References4
Kitploit
Kitploit
•added 2019/09/26 9:0 p.m.•165 views

FDsploit - File Inclusion And Directory Traversal Fuzzing, Enumeration & Exploitation Tool

A File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool. FDsploit menu: $ python fdsploit.py -h | | \ | ||| | | | | | -| . | | . | | | || |/|| ||||| ||...ver. 1.2 Author: Christoforos Petrou game0ver ! usage: fdsploit.py -u | -f -h -p -d -e 0,1,2 -t -b -x -c -v --params...

8.2AI score
Exploits0References1
Kitploit
Kitploit
•added 2019/07/24 1:12 p.m.•165 views

Airopy - Get Clients And Access Points

Get clients and access points. With Alfa cards this script works correctly. Dependencies To run this script first install requirements as follows: sudo pip3 install requirements.txt How to use In the examples I don't add 'sudo', but to execute them you need high privileges. To get help: python3...

7.4AI score
Exploits0References3
Kitploit
Kitploit
•added 2019/04/01 8:37 p.m.•165 views

Mimikatz v2.2.0 - A Post-Exploitation Tool to Extract Plaintexts Passwords, Hash, PIN Code from Memory

mimikatz is a tool I've made to learn C and make somes experiments with Windows security. It's now well known to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets. But that's not all!...

7.4AI score
Exploits0References6
Kitploit
Kitploit
•added 2021/06/18 9:30 p.m.•164 views

Kconfig-Hardened-Check - A Tool For Checking The Hardening Options In The Linux Kernel Config

Motivation There are plenty of Linux kernel hardening config options. A lot of them are not enabled by the major distros. We have to enable these options ourselves to make our systems more secure. But nobody likes checking configs manually. So let the computers do their job!...

7CVSS8.4AI score0.00985EPSS
Exploits1References10
Kitploit
Kitploit
•added 2021/05/22 9:30 p.m.•164 views

Charlotte - C++ Fully Undetected Shellcode Launcher

c++ fully undetected shellcode launcher ; releasing this to celebrate the birth of my newborn description 13/05/2021: 1. c++ shellcode launcher, fully undetected 0/26 as of 13th May 2021. 2. dynamic invoking of win32 api functions 3. XOR encryption of shellcode and function names 4. randomised XO...

7.2AI score
Exploits0References2
Kitploit
Kitploit
•added 2020/11/05 8:30 p.m.•164 views

Kraken - Cross-platform Yara Scanner Written In Go

Kraken is a simple cross-platform Yara scanner that can be built for Windows, Mac, FreeBSD and Linux. It is primarily intended for incident response, research and ad-hoc detections not for endpoint protection. Following are the core features: Scan running executables and memory of running process...

7.2AI score
Exploits0References4
Kitploit
Kitploit
•added 2019/10/05 9:1 p.m.•164 views

Userrecon-Py v2.0 - Username Recognition On Various Websites

Username recognition on various websites. Installation Withpip3 Linux sudo -H pip3 install git+https://github.com/decoxviii/userrecon-py.git --upgrade userrecon-py --help Build from source Linux git clone https://github.com/decoxviii/userrecon-py.git ; cd userrecon-py sudo -H pip3 install -r...

7.3AI score
Exploits0References2
Kitploit
Kitploit
•added 2019/04/25 10:6 p.m.•164 views

NAXSI - An Open-Source, High Performance, Low Rules Maintenance WAF For NGINX

NAXSI means Nginx Anti XSS & SQL Injection. Technically, it is a third party nginx module, available as a package for many UNIX-like platforms. This module, by default, reads a small subset of simple and readable rules containing 99% of known patterns involved in website vulnerabilities. For...

7AI score
Exploits0References5
Kitploit
Kitploit
•added 2019/02/19 8:49 p.m.•164 views

Maltego CE - An Interactive Data Mining Tool That Renders Directed Graphs For Link Analysis

Maltego CE is the community version of Maltego that is available for free after a quick online registration. Maltego CE includes most of the same functionality as the commercial version however it has some limitations. The main limitation with the community version is that the application cannot ...

6.8AI score
Exploits0
Kitploit
Kitploit
•added 2018/11/16 9:45 p.m.•164 views

Pastego - Scrape/Parse Pastebin Using GO And Expression Grammar (PEG)

Scrape/Parse Pastebin using GO and grammar expression PEG. Installation $ go get -u github.com/edoz90/pastego Usage Search keywords are case sensitive pastego -s "password,keygen,PASSWORD" You can use boolean operators to reduce false positive pastego -s "quake && earthquake, password && php ||...

7.7AI score
Exploits0References6
Kitploit
Kitploit
•added 2018/09/18 9:3 p.m.•164 views

Leaked? 2.0 - A Checking Tool For Hash Codes, Passwords And Emails Leaked

Leaked? is A Checking tool for Hash codes and Passwords and Emails leaked, uses leakz module from Aidan Holland, and leakz module uses API from Aurelius Wendelken. Leaked? can work in any OS if they have support Python 3 and 2. What's new? Check email leaked Update More friendly for users Support...

7.5AI score
Exploits0References1
Kitploit
Kitploit
•added 2018/09/10 9:13 p.m.•164 views

PacketWhisper - Stealthily Exfiltrate Data And Defeat Attribution Using DNS Queries And Text-Based Steganography

PacketWhisper - Stealthily Transfer Data & Defeat Attribution Using DNS Queries & Text-Based Steganography, without the need for attacker-controlled Name Servers or domains; Evade DLP/MLS Devices; Defeat Data- & DNS Name Server Whitelisting Controls. Convert any file type e.g. executables, Office...

6.8AI score
Exploits0References3
Kitploit
Kitploit
•added 2018/02/12 12:53 p.m.•164 views

Hate_Crack - Automated Hash Cracking Techniques with HashCat

A tool for automating cracking methodologies through Hashcat from the TrustedSec team. Installation Get the latest hashcat binaries https://hashcat.net/hashcat/ OSX Install https://www.phillips321.co.uk/2016/07/09/hashcat-on-os-x-getting-it-going/ mkdir -p hashcat/deps git clone...

7.3AI score
Exploits0References1
Kitploit
Kitploit
•added 2016/10/05 2:30 p.m.•164 views

hacklib - Pentesting, Port Scanning, and Logging in anywhere with Python

Toolkit for hacking enthusiasts using Python. hacklib is a Python module for hacking enthusiasts interested in network security. It is currently in active development. Installation To get hacklib, simply run in command line: pip install hacklib hacklib also has a user interface. To use it, you ca...

10CVSS8.4AI score0.63748EPSS
Exploits12References1
Kitploit
Kitploit
•added 2022/12/21 1:30 p.m.•163 views

Squarephish - An advanced phishing tool that uses a technique combining the OAuth Device code authentication flow and QR codes

SquarePhish is an advanced phishing tool that uses a technique combining the OAuth Device code authentication flow and QR codes. See PhishInSuits for more details on using OAuth Device Code flow for phishing attacks. / | | | | | | | | | | | | | \ \ / | | | |/ | '/ \ /| ' | / | ' \ | | | || | | |...

7.5AI score
Exploits0References11
Kitploit
Kitploit
•added 2022/05/20 12:30 p.m.•164 views

Octopus - Open Source Pre-Operation C2 Server Based On Python And Powershell

Octopus is an open source, pre-operation C2 server based on python which can control an Octopus powershell agent through HTTP/S. The main purpose of creating Octopus is for use before any red team operation, where rather than starting the engagement with your full operational arsenal and...

7.6AI score
Exploits0References5
Kitploit
Kitploit
•added 2020/07/16 9:50 p.m.•163 views

Saferwall - A Hackable Malware Sandbox For The 21St Century

Saferwall is an open source malware analysis platform. It aims for the following goals: Provide a collaborative platform to share samples among malware researchers. Acts as a system expert, to help researchers generates an automated malware analysis report. Hunting platform to find new malwares...

7.3AI score
Exploits0References6
Kitploit
Kitploit
•added 2019/10/18 9:30 p.m.•163 views

Rbuster - Yet Another Dirbuster

yet another dirbuster Common Command line options -a - specify a user agent string to send in the request -c - use this to specify any cookies that you might need simulating auth. header. -f - force processing of a domain with wildcard results. -l - show the length of the response. -r - follow...

7.5AI score
Exploits0References1
Kitploit
Kitploit
•added 2019/09/03 1:0 p.m.•163 views

Ehtools - Framework Of Serious Wi-Fi Penetration Tools

Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a...

6.6AI score
Exploits0References1
Kitploit
Kitploit
•added 2019/07/29 9:15 p.m.•163 views

RedGhost v3.0 - Linux Post Exploitation Framework Written In Bash Designed To Assist Red Teams In Persistence, Reconnaissance, Privilege Escalation And Leaving No Trace

Linux post exploitation framework designed to assist red teams in persistence, reconnaissance, privilege escalation and leaving no trace. Payloads Function to generate various encoded reverse shells in netcat, bash, python, php, ruby, perl SudoInject Function to inject sudo command with wrapper...

8.3AI score
Exploits0References1
Kitploit
Kitploit
•added 2019/02/28 8:55 p.m.•163 views

Angr - A Powerful And User-Friendly Binary Analysis Platform

angr is a platform-agnostic binary analysis framework. It is brought to you by the Computer Security Lab at UC Santa Barbara, SEFCOM at Arizona State University, their associated CTF team, Shellphish, the open source community, and @rhelmot. What? angr is a suite of Python 3 libraries that let yo...

7.1AI score
Exploits0References3
Kitploit
Kitploit
•added 2013/10/22 12:34 a.m.•163 views

[TinySHell] Ported to SCTP

You may have seen, a while ago, my post on SCTP reverse shells. I realized quite quickly that I should definately do some more research in this direction, and hence ported one of my favourite Unix backdoors which uses a TCP connection to use a SCTP connection instead. This backdoor allows for a...

9.8AI score
Exploits0References1
Kitploit
Kitploit
•added 2024/06/23 12:30 p.m.•162 views

VulnNodeApp - A Vulnerable Node.Js Application

A vulnerable application made using node.js, express server and ejs template engine. This application is meant for educational purposes only. Setup Clone this repository git clone https://github.com/4auvar/VulnNodeApp.git Application setup: Install the latest node.js version with npm. Open...

8.5AI score
Exploits0References2
Kitploit
Kitploit
•added 2023/03/16 11:30 a.m.•162 views

GPT_Vuln-analyzer - Uses ChatGPT API And Python-Nmap Module To Use The GPT3 Model To Create Vulnerability Reports Based On Nmap Scan Data

This is a Proof Of Concept application that demostrates how AI can be used to generate accurate results for vulnerability analysis and also allows further utilization of the already super useful ChatGPT. Requirements Python 3.10 All the packages mentioned in the requirements.txt file OpenAi api...

7.3AI score
Exploits0References1
Total number of security vulnerabilities5000