Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2022/12/19 11:30 a.m.162 views

Shennina - Automating Host Exploitation With AI

Shennina is an automated host exploitation framework. The mission of the project is to fully automate the scanning, vulnerability scanning/analysis, and exploitation using Artificial Intelligence. Shennina is integrated with Metasploit and Nmap for performing the attacks, as well as being...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2019/10/26 11:54 a.m.162 views

ATTACKdatamap - A Datasource Assessment On An Event Level To Show Potential Coverage Or The MITRE ATT&CK Framework

A datasource assessment on an event level to show potential coverage of the "MITRE ATT&CK" framework. This tool is developed by me and has no affiliation with "MITRE" nor with its great "ATT&CK" team, it is developed with the intention to ease the mapping of data sources to assess one's potential...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2019/09/10 12:0 p.m.162 views

gitGraber - Tool To Monitor GitHub To Search And Find Sensitive Data For Different Online Services Such As: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

gitGraber is a tool developed in Python3 to monitor GitHub to search and find sensitive data for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe... How it work ? It's important to understand that gitGraber is not designed to check...

7.4AI score
Exploits0References3
Kitploit
Kitploit
added 2019/05/09 12:56 p.m.162 views

ExtAnalysis - Browser Extension Analysis Framework

With ExtAnalysis you can : Download & Analyze Extensions From: Chrome Web Store Firefox Addons Analyze Installed Extensions of: Google Chrome Mozilla Firefox Opera Browser Coming Soon Upload and Scan Extensions. Supported formats: .crx .xpi .zip Features of ExtAnalysis : View Basic Informations:...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2016/12/22 2:9 p.m.162 views

backdoor-apk - shell script that simplifies the process of adding a backdoor to any Android APK file

backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool, the Android SDK, smali, etc. This shell script is provided as-is without warranty of any kind and ...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2013/10/26 9:8 p.m.162 views

[Lynis] Security and system auditing tool to harden Linux systems

Lynis is an auditing tool for Unix/Linux specialists. It scans the system and available software and performs many individual security checks. It determines the hardening state of the machine and detects security issues. Beside security related information it will also scan for general system...

10AI score
Exploits0
Kitploit
Kitploit
added 2020/12/24 8:30 p.m.161 views

Censys-Python - An Easy-To-Use And Lightweight API Wrapper For The Censys Search Engine

An easy-to-use and lightweight API wrapper for the Censys Search Engine censys.io. Python 3.6+ is currently supported. Getting Started The library can be installed using pip. $ pip install censys To configure your credentials run censys config or set both CENSYSAPIID and CENSYSAPISECRET environme...

7AI score
Exploits0References2
Kitploit
Kitploit
added 2020/08/15 12:30 p.m.161 views

Phirautee - A PoC Crypto Virus To Spread User Awareness About Attacks And Implications Of Ransomwares

A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanentl...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2020/04/26 10:0 p.m.161 views

Print-My-Shell - Tool To Automate The Process Of Generating Various Reverse Shells

"Print My Shell" is a python script, wrote to automate the process of generating various reverse shells based on PayloadsAllTheThings and Pentestmonkey reverse shell cheat sheets. Using this script you can easily generate various types of reverse shells without leaving your command line. This...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2019/11/09 8:59 p.m.161 views

Sgx-Step - A Practical Attack Framework For Precise Enclave Execution Control

SGX-Step is an open-source framework to facilitate side-channel attack research on Intel SGX platforms. SGX-Step consists of an adversarial Linux kernel driver and user space library that allow to configure untrusted page table entries and/or x86 APIC timer interrupts completely from user space...

6.7AI score
Exploits0References6
Kitploit
Kitploit
added 2019/03/24 8:32 p.m.161 views

Androwarn - Yet Another Static Code Analyzer For Malicious Android Applications

Androwarn is a tool whose main aim is to detect and warn the user about potential malicious behaviours developped by an Android application. The detection is performed with the static analysis of the application's Dalvik bytecode, represented as Smali, with the androguard library. This analysis...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2019/03/06 12:9 p.m.161 views

Legion - An Easy-To-Use, Super-Extensible And Semi-Automated Network Penetration Testing Tool That Aids In Discovery, Reconnaissance And Exploitation Of Information Systems

Legion, a fork of SECFORCE's Sparta, is an open source, easy-to-use, super-extensible and semi-automated network penetration testing framework that aids in discovery, reconnaissance and exploitation of information systems. Legion is developed and maintained by GoVanguard. More information about...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2019/03/04 8:14 p.m.161 views

Cuteit v0.2.1 - IP Obfuscator Made To Make A Malicious Ip A Bit Cuter

IP obfuscator made to make a malicious ip a bit cuter A simple python tool to help you to social engineer, bypass whitelisting firewalls, potentially break regex rules for command line logging looking for IP addresses and obfuscate cleartext strings to C2 locations within the payload. All of that...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2019/01/10 12:22 p.m.161 views

MemITM - Tool To Make In Memory Man In The Middle

The MemITM Mem In The Middle tool has been developped in order to easily intercept "messages" in Windows processes memory. We developped a lot of custom memory interception tools in order to capture network messages before encryption, or IPC messages, and to be able to inspect them or alter them ...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2016/01/11 7:30 p.m.161 views

Penbox - A Tool That Has All The Tools, Penetration Tester'S Repo

PenBox A Penetration Testing Framework , The Hacker's Repo our hope is in the last version we will have evry script that a hacker needs : Requirements Python 2 sudoer Versions Version v1.1 : DrupalHacking : 1: Drupal Bing Exploiter 2: Get Drupal Websites 3: Drupal Mass Exploiter PrivatTools: 1 Ge...

10AI score
Exploits0References1
Kitploit
Kitploit
added 2025/05/05 12:30 p.m.160 views

Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image

Real-time face swap and video deepfake with a single click and only a single image. Disclaimer This deepfake software is designed to be a productive tool for the AI-generated media industry. It can assist artists in animating custom characters, creating engaging content, and even using models for...

7.2AI score
Exploits0References14
Kitploit
Kitploit
added 2021/06/21 9:30 p.m.160 views

Squalr - Squalr Memory Editor - Game Hacking Tool Written In C#

Squalr Official Website Join us on our Discord Channel Squalr is performant Memory Editing software that allows users to create and share cheats in their windows desktop games. This includes memory scanning, pointers, x86/x64 assembly injection, and so on. Squalr achieves fast scans through...

7AI score
Exploits0References15
Kitploit
Kitploit
added 2020/12/05 11:30 a.m.160 views

Obfuscator - The Program Is Designed To Obfuscate The Shellcode

The program is designed to obfuscate the shellcode. Currently the tool supports 2 encryption. 1 XOR 2 AES The tool accepts shellcode in 4 formats. 1 base64 2 hex 3 c 4 raw Command Line Usage Usage Description ----- ----------- /f Specify the format of the shellcode base64 hex c raw /enc Specify t...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2020/10/07 8:30 p.m.160 views

CSRFER - Tool To Generate CSRF Payloads Based On Vulnerable Requests

CSRFER is a tool to generate csrf payloads, based on vulnerable requests. It parses supplied requests to generate either a form or a fetch request. The payload can then be embedded in an html template. Installation / / | \ | | \ | / /\ --.| |/ / | | | | |/ / | | --. \ /| | | || / | /// / |\ |...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2020/02/22 9:0 p.m.160 views

Gadgetinspector - A Byte Code Analyzer For Finding Deserialization Gadget Chains In Java Applications

This project inspects Java libraries and classpaths for gadget chains. Gadgets chains are used to construct exploits for deserialization vulnerabilities. By automatically discovering possible gadgets chains in an application's classpath penetration testers can quickly construct exploits and...

7.5AI score
Exploits0References2
Kitploit
Kitploit
added 2019/08/26 9:52 p.m.160 views

4CAN - Open Source Security Tool to Find Security Vulnerabilities in Modern Cars

Open Source Security Tool to Find Security Vulnerabilities in Modern Cars. hardware Tested on the following raspbian images using a pi3b+ Apr 2019 kernel 4.14.98-v7+ Oct 2018 kernel 4.14.71-v7+ Jun 2018 kernel 4.14.50-v7+ 4can should also work with a pi0w, but it's recommended to use at least a...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2019/02/11 12:56 p.m.160 views

Pftriage - Python Tool And Library To Help Analyze Files During Malware Triage And Analysis

pftriage is a tool to help analyze files during malware triage. It allows an analyst to quickly view and extract properties of a file to help during the triage process. The tool also has an analyze function which can detect common malicious indicators used by malware. Dependencies pefile filemagi...

6.8AI score
Exploits0References1
Kitploit
Kitploit
added 2017/04/17 2:12 p.m.160 views

Evilginx - MITM Attack Framework [Advanced Phishing With Two-factor Authentication Bypass]

Evilginx is a man-in-the-middle attack framework used for phishing credentials and session cookies of any web service. It's core runs on Nginx HTTP server, which utilizes proxypass and subfilter to proxy and modify HTTP content, while intercepting traffic between client and server. You can learn...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2021/02/20 8:30 p.m.159 views

SSB - A Faster And Simpler Way To Bruteforce SSH Server

S ecure S hell B ruteforcer — A faster & simpler way to bruteforce SSH server. Installation from Binary Download a pre-built binary from releases page, unpack and run! Or: ▶ sudo curl -sSfL 'https://git.io/kitabisa-ssb' | sh -s -- -b /usr/local/bin from Source Need go1.14+ compiler installed and...

7.5AI score
Exploits0References2
Kitploit
Kitploit
added 2021/01/29 11:30 a.m.159 views

Arbitrium-RAT - A Cross-Platform, Fully Undetectable Remote Access Trojan, To Control Android, Windows And Linux

Arbitrium is a cross-platform is a remote access trojan RAT, Fully UnDetectable FUD, It allows you to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding. It gives access to the local networks, you can use the targets as a HTTP proxy and access Router...

7.5AI score
Exploits0References6
Kitploit
Kitploit
added 2020/03/06 9:0 p.m.159 views

SharpRDP - Remote Desktop Protocol .NET Console Application For Authenticated Command Execution

To compile open the project in Visual Studio and build for release. Two DLLs will be output to the Release directory, you do not need those because the DLLs are in the assembly. If you do not want to use the provided DLLs you will need to .NET SDK to create the AxMSTSCLib.dll DLL. To create it...

7.5AI score
Exploits0References3
Kitploit
Kitploit
added 2020/02/06 11:30 a.m.159 views

Misp-Dashboard - A Dashboard For A Real-Time Overview Of Threat Intelligence From MISP Instances

A dashboard showing live data and statistics from the ZMQ feeds of one or more MISP instances. The dashboard can be used as a real-time situational awareness tool to gather threat intelligence information. The misp-dashboard includes a gamification tool to show the contributions of each...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2019/11/10 8:33 p.m.159 views

threat_note - DPS' Lightweight Investigation Notebook

threatnote is a web application built by Defense Point Security to allow security researchers the ability to add and retrieve indicators related to their research. As of right now this includes the ability to add IP Addresses, Domains and Threat Actors, with more types being added in the future...

7AI score
Exploits0References2
Kitploit
Kitploit
added 2019/10/19 9:30 p.m.159 views

IoT-Implant-Toolkit - Toolkit For Implant Attack Of IoT Devices

IoT-Implant-Toolkit is a framework of useful tools for malware implantation research of IoT devices. It is a toolkit consisted of essential software tools on firmware modification, serial port debugging, software analysis and stable spy clients. With an easy-to-use and extensible shell-like...

7.7AI score
Exploits0References8
Kitploit
Kitploit
added 2019/10/13 12:24 p.m.159 views

SMTPTester - Tool To Check Common Vulnerabilities In SMTP Servers

SMTPTester is a python3 tool to test SMTP server for 3 common vulnerabilities: Spoofing - The ability to send a mail on behalf of an internal user Relay - Using this SMTP server to send email to other address outside of the organization user enumeration - using the SMTP VRFY command to check if...

7.7AI score
Exploits0References1
Kitploit
Kitploit
added 2019/04/02 11:55 a.m.159 views

Osmedeus - Fully Automated Offensive Security Tool For Reconnaissance And Vulnerability Scanning

Osmedeus allow you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. How to use If you have no idea what are you doing just type the command below or check out the Advance Usage ./osmedeus.py -t example.com Installation git clone...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2021/12/27 8:30 p.m.158 views

ShonyDanza - A Customizable, Easy-To-Navigate Tool For Researching, Pen Testing, And Defending With The Power Of Shodan

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan. With ShonyDanza, you can: Obtain IPs based on search criteria Automatically exclude honeypots from the results based on your pre-configured thresholds Pre-configure all IP searches to filte...

10CVSS9.7AI score0.99999EPSS
Exploits153References1
Kitploit
Kitploit
added 2021/08/21 9:30 p.m.158 views

XLMMacroDeobfuscator - Extract And Deobfuscate XLM Macros (A.K.A Excel 4.0 Macros)

XLMMacroDeobfuscator can be used to decode obfuscated XLM macros also known as Excel 4.0 macros. It utilizes an internal XLM emulator to interpret the macros, without fully performing the code. It supports both xls, xlsm, and xlsb formats. It uses xlrd2, pyxlsb2 and its own parser to extract cell...

7.2AI score
Exploits0References10
Kitploit
Kitploit
added 2019/11/28 12:0 p.m.158 views

ATFuzzer - Dynamic Analysis Of AT Interface For Android Smartphones

"Opening Pandora's Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones" is accepted to the 35th Annual Computer Security Applications Conference ACSAC 2019. https://relentless-warrior.github.io/wp-content/uploads/2019/11/atfuzz.pdf Abstract This paper focuses on checkin...

7.7AI score
Exploits0References3
Kitploit
Kitploit
added 2019/07/16 1:54 p.m.158 views

JShielder v2.4 - Hardening Script For Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark G

JSHielder is an Open Source Bash Script developed to help SysAdmin and developers secure there Linux Servers in which they will be deploying any web application or services. This tool automates the process of installing all the necessary packages to host a web application and Hardening a Linux...

7.4AI score
Exploits0References2
Kitploit
Kitploit
added 2019/04/07 12:59 p.m.158 views

Pocsuite3 - An Open-Sourced Remote Vulnerability Testing Framework

pocsuite3 is an open-sourced remote vulnerability testing and proof-of-concept development framework developed by the Knownsec 404 Team. It comes with a powerful proof-of-concept engine, many powerful features for the ultimate penetration testers and security researchers. Features PoC scripts can...

7.4AI score
Exploits0References4
Kitploit
Kitploit
added 2019/01/31 12:8 p.m.158 views

Bolt - CSRF Scanning Suite

Bolt is in beta phase of development which means there can be bugs. Any production use of this tool discouraged. Pull requests and issues are welcome. I also suggest you to put this repo on watch if you are interested in it. Workflow Crawling Bolt crawls the target website to the specified depth...

7.1AI score
Exploits0References3
Kitploit
Kitploit
added 2018/11/13 9:16 p.m.158 views

Androspy - Backdoor Crypter & Creator With Automatic IP Poisener

Androspy : is Backdoor Crypter & Creator with Automatic IP Poisener Coded By Belahsan Ouerghi Dependencies keytool jarsigner Apache2 Metasploit-Framework xterm Installation sudo apt-get install git git clone https://github.com/TunisianEagles/Androspy.git cd Androspy chmod +x setup.sh sudo...

7.4AI score
Exploits0References2
Kitploit
Kitploit
added 2016/06/28 11:46 p.m.158 views

pytbull - Intrusion Detection/Prevention System (IDS/IPS) Testing Framework

pytbull is an Intrusion Detection/Prevention System IDS/IPS Testing Framework for Snort, Suricata and any IDS/IPS that generates an alert file. It can be used to test the detection and blocking capabilities of an IDS/IPS, to compare IDS/IPS, to compare configuration modifications and to...

7.5AI score
Exploits0
Kitploit
Kitploit
added 2013/12/27 2:53 a.m.158 views

[WinDbg v6.12.2.633] Debugging Tools for Windows

WinDbg is a graphical debugger from Microsoft. It is actually just one component of the Debugging Tools for Windows package, which also includes the KD, CDB, and NTSD debuggers. Its claim to fame is debugging memory dumps produced after a crash. It can even debug in kernel mode. For downloads and...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2013/02/26 1:14 a.m.158 views

[Hwk] Wireless Exploitation Tool

Hwk is an easy-to-use wireless authentication and deauthentication tool. Furthermore, it also supports probe response fuzzing, beacon injection flooding, antenna alignment and various injection testing modes. Information gathering is selected by default and shows the incoming traffic indicating t...

10AI score
Exploits0
Kitploit
Kitploit
added 2023/08/23 12:30 p.m.157 views

Evil QR - Proof-of-concept To Demonstrate Dynamic QR Swap Phishing Attacks In Practice

Toolkit demonstrating another approach of a QRLJacking attack, allowing to perform remote account takeover, through sign-in QR code phishing. It consists of a browser extension used by the attacker to extract the sign-in QR code and a server application, which retrieves the sign-in QR codes to...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2021/01/01 8:30 p.m.157 views

Oblivion - Data Leak Checker And OSINT Tool

Oblivion is a tool focused in real time monitoring of new data leaks, notifying if the credentials of the user has been leak out. It's possible too verify if any credential of user has been leak out before. The Oblivion have two modes: Oblivion Client: graphical mode. Oblivion Server: mode with A...

7.7AI score
Exploits0References4
Kitploit
Kitploit
added 2020/06/01 12:30 p.m.157 views

Enumy - Linux Post Exploitation Privilege Escalation Enumeration

Enumy is portable executable that you drop on target Linux machine during a pentest or CTF in the post exploitation phase. Running enumy will enumerate the box for common security vulnerabilities. Enumy has a Htop like Ncurses interface or a standard interface for dumb reverse shells. Installatio...

7.6AI score
Exploits0References2
Kitploit
Kitploit
added 2019/11/19 12:30 p.m.157 views

SQL Injection Payload List

SQL Injection In this section, we'll explain what SQL injection is, describe some common examples, explain how to find and exploit various kinds of SQL injection vulnerabilities, and summarize how to prevent SQL injection. What is SQL injection SQLi? SQL injection is a web security vulnerability...

8.3AI score
Exploits0References10
Kitploit
Kitploit
added 2019/09/02 10:34 p.m.157 views

Wordlister - A Simple Wordlist Generator And Mangler Written In Python

A simple wordlist generator and mangler written in python. It makes use of python multiprocessing capabilities in order to speed up his job CPU intensive. Supported permutations: Capital Upper 1337 Append Prepend Additional functions: Test/Dry run Multiprocessing Multicore Possibility to adjust...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2019/04/03 8:43 p.m.157 views

ISeeYou - Bash And Javascript Tool To Find The Exact Location Of The Users During Social Engineering Or Phishing Engagements

ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks. Note: This tool does no...

6.8AI score
Exploits0References1
Kitploit
Kitploit
added 2019/03/12 12:39 p.m.157 views

IoT-Home-Guard - A Tool For Malicious Behavior Detection In IoT Devices

IoT-Home-Guard is a project to help people discover malware in smart home devices. For users the project can help to detect compromised smart home devices. For security researchers it is also useful in network analysis and malicious hehaviors detection. In July 2018 we had completed the first...

7.6AI score
Exploits0References2
Kitploit
Kitploit
added 2019/01/25 8:43 p.m.158 views

WiGLE - Wifi Wardriving (Nethugging Client For Android)

Open source network observation, positioning, and display client from the world's largest queryable database of wireless networks. Can be used for site-survey, security analysis, and competition with your friends. Collect networks for personal research or upload to https://wigle.net. WiGLE has be...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2019/01/02 8:38 p.m.157 views

Cuteit - Make A Malicious IP A Bit Cuter (IP Obfuscator)

A simple python tool to help you to social engineer, bypass whitelisting firewalls, potentially break regex rules for command line logging looking for IP addresses and obfuscate cleartext strings to C2 locations within the payload. All of that is simply done with obfuscating ip to many forms...

7.5AI score
Exploits0References1
Total number of security vulnerabilities5000