Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2019/10/19 12:0 p.m.152 views

Discover - Custom Bash Scripts Used To Automate Various Penetration Testing Tasks Including Recon, Scanning, Parsing, And Creating Malicious Payloads And Listeners With Metasploit

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit. For use with Kali Linux and the Penetration Testers Framework PTF. Lee Baird @discoverscripts Jay "L1ghtn1ng" Townsend...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2019/09/12 8:46 p.m.152 views

Anteater - CI/CD Gate Check Framework

Anteater is an open framework to prevent the unwanted merging of nominated strings, filenames, binaries, depreciated functions, staging enviroment code / credentials etc. Anything that can be specified with regular expression syntax, can be sniffed out by anteater. You tell anteater exactly what...

7.4AI score
Exploits0References2
Kitploit
Kitploit
added 2019/09/09 8:25 p.m.152 views

fileGPS - A Tool That Help You To Guess How Your Shell Was Renamed After The Server-Side Script Of The File Uploader Saved It

Introduction When you upload a shell on a web-server using a file upload functionality, usually the file get renamed in various ways in order to prevent direct access to the file, RCE and file overwrite. fileGPS is a tool that uses various techniques to find the new filename, after the server-sid...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2019/02/05 12:39 p.m.152 views

Bincat - Binary Code Static Analyser, With IDA Integration

BinCAT is a static Binary Code Analysis Toolkit, designed to help reverse engineers, directly from IDA. It features: value analysis registers and memory taint analysis type reconstruction and propagation backward and forward analysis use-after-free and double-free detection In action You can chec...

7.2AI score
Exploits0References10
Kitploit
Kitploit
added 2018/12/21 8:56 p.m.152 views

Ustealer - Ubuntu Stealer, Steal Ubuntu Information In Local PC

Ubuntu stealer, steal ubuntu information in local pc nice with usb key Require G++ sudo apt-get install g++ libsqlite3 sudo apt-get install libsqlite3-dev Compilation Go in Ustealer/ folder and run makefile make Use ./ustealer Download Ustealer...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2015/03/20 9:33 p.m.152 views

3vilTwinAttacker - Create Rogue Wi-Fi Access Point and Snooping on the Traffic

This tool create an rogue Wi-Fi access point , purporting to provide wireless Internet services, but snooping on the traffic. Software dependencies: Recommended to use Kali linux. Ettercap. Sslstrip. Airbase-ng include in aircrack-ng. DHCP. Nmap. Install DHCP in Debian-based Ubuntu $ sudo apt-get...

6.8AI score
Exploits0References1
Kitploit
Kitploit
added 2013/12/05 2:41 a.m.152 views

[MKBRUTUS] Password bruteforcer for MikroTik devices or boxes running RouterOS

Mikrotik brand devices www.mikrotik.com, which runs the RouterOS operative system, are worldwide known and popular with a high networking market penetration. Many companies choose them as they are a great combination of low-cost and good performance. RouterOS can be also installed on other device...

7.5AI score
Exploits0References2
Kitploit
Kitploit
added 2019/12/14 9:2 p.m.151 views

Haaukins - A Highly Accessible And Automated Virtualization Platform For Security Education

Haaukins is a highly accessible and automated virtualization platform for security education, it has three main components Docker, Virtualbox and Golang, the communication and orchestration between the components managed using Go programming language. The main reason of having Go environment to...

7.3AI score
Exploits0References7
Kitploit
Kitploit
added 2019/06/03 12:47 p.m.151 views

PcapXray v2.5 - A Network Forensics Tool To Visualize A Packet Capture Offline As A Network Diagram

PcapXray is a Network Forensics Tool To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction. PcapXray Design Specification Goal: Given a Pcap File, plot a network diagram displaying hosts in the network,...

6.8AI score
Exploits0References1
Kitploit
Kitploit
added 2019/04/04 11:43 a.m.151 views

CHAOS Framework v3.0 - Generate Payloads And Control Remote Windows Systems

CHAOS is a PoC that allow generate payloads and control remote operating systems. Features Feature | Windows | Mac | Linux ---|---|---|--- Reverse Shell | X | X | X Download File | X | X | X Upload File | X | X | X Screenshot | X | X | X Keylogger | X | | Persistence | X | | Open URL | X | X | X...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2019/02/12 8:13 p.m.151 views

Justniffer - Network TCP Packet Sniffer

Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way, can emulate Apache web server log files, track response times and extract all "intercepted" files from the HTTP traffic. It lets you interactively trace tcp traffic from a live network o...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2019/01/07 12:46 p.m.151 views

Crashcast-Exploit - This Tool Allows You Mass Play Any YouTube Video With Chromecasts Obtained From Shodan.io

This tool allows you to mass play any YouTube video with Chromecasts obtained from Shodan.io Author: @037 Prerequisites The only thing you need installed is Python 3.x sudo apt-get install python3 You also require to have cURL installed sudo apt-get install curl You also require Shodan python...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2017/06/13 3:16 p.m.151 views

tcconfig - A Simple Tc Command Wrapper Tool

A Simple tc command wrapper tool. Easy to set up traffic control of network bandwidth/latency/packet-loss to a network interface. Traffic control features Trafic shaping target Apply traffic shaping rules to specific target: Outgoing/Incoming packets Certain IP address/network or port Available...

7.5AI score
Exploits0References8
Kitploit
Kitploit
added 2021/07/16 9:30 p.m.150 views

Kali-Whoami - A Privacy Tool Developed To Keep You Anonymous On Kali Linux At The Highest Level

The purpose of the Whoami tool makes you as anonymous as possible on Kali linux. It is an user friendly with its ease of use and simple interface. It follows two different paths to ensure the highest possible level of anonymity. Finally, don't forget that there is never a hundred percent security...

7AI score
Exploits0References2
Kitploit
Kitploit
added 2021/05/21 12:30 p.m.150 views

AutoPentest-DRL - Automated Penetration Testing Using Deep Reinforcement Learning

AutoPentest-DRL is an automated penetration testing framework based on Deep Reinforcement Learning DRL techniques. The framework determines the most appropriate attack path for a given network, and can be used to execute a simulated attack on that network via penetration testing tools, such as...

7.5AI score
Exploits0References5
Kitploit
Kitploit
added 2021/01/29 8:30 p.m.150 views

CSSG - Cobalt Strike Shellcode Generator

Adds Shellcode - Shellcode Generator to the Cobalt Strike top menu bar CSSG is an aggressor and python script used to more easily generate and format beacon shellcode Generates beacon stageless shellcode with exposed exit method, additional formatting, encryption, encoding, compression, multiline...

7.6AI score
Exploits0References2
Kitploit
Kitploit
added 2020/08/31 12:30 p.m.150 views

Mihari - A Helper To Run OSINT Queries & Manage Results Continuously

Mihari is a helper to run queries & manage results continuously. Mihari can be used for C2, landing page and phishing hunting. How it works Mihari makes a query against Shodan, Censys, VirusTotal, SecurityTrails, etc. and extracts artifacts IP addresses, domains, URLs and hashes from the results...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2019/11/07 8:43 p.m.150 views

Donut - Generates X86, X64, Or AMD64+x86 Position-Independent Shellcode That Loads .NET Assemblies, PE Files, And Other Windows Payloads From Memory

Donut generates x86 or x64 shellcode from VBScript, JScript, EXE, DLL including .NET Assemblies files. This shellcode can be injected into an arbitrary Windows processes for in-memory execution. Given a supported file type, parameters and an entry point where applicable such as Program.Main, it...

8AI score
Exploits0References6
Kitploit
Kitploit
added 2019/10/08 12:30 p.m.150 views

box.js - A Tool For Studying JavaScript Malware

A utility to analyze malicious JavaScript. Installation Simply install box-js from npm: npm install box-js --global Usage Looking to use box-js with Cuckoo? Use cuckoo-package.py as an analysis package. Let's say you have a sample called sample.js: to analyze it, simply run box-js sample.js Chanc...

7.2AI score
Exploits0References8
Kitploit
Kitploit
added 2019/08/20 9:30 p.m.150 views

PEpper - An Open Source Script To Perform Malware Static Analysis On Portable Executable

An open source tool to perform malware static analysis on P ortable E xecutable Installation eva@paradise:$ git clone https://github.com/Th3Hurrican3/PEpper/ eva@paradise:$ cd PEpper eva@paradise:$ pip3 install -r requirements.txt eva@paradise:$ python3 pepper.py ./malwaredir Screenshot...

7.3AI score
Exploits0References5
Kitploit
Kitploit
added 2017/04/11 2:2 p.m.150 views

PoshC2 - Powershell C2 Server and Implants

PoshC2 is a proxy aware C2 framework written completely in PowerShell to aid penetration testers with red teaming, post-exploitation and lateral movement. The tools and modules were developed off the back of our successful PowerShell sessions and payload types for the Metasploit Framework...

7.4AI score
Exploits0References2
Kitploit
Kitploit
added 2023/05/21 12:30 p.m.149 views

Bypass-403 - A Simple Script Just Made For Self Use For Bypassing 403

A simple script just made for self use for bypassing 403 It can also be used to compare responses on verious conditions as shown in the below snap Usage ./bypass-403.sh https://example.com admin ./bypass-403.sh website-here path-here Features Use 24 known Bypasses for 403 with the help of curl...

7.3AI score
Exploits0References5
Kitploit
Kitploit
added 2022/04/18 12:30 p.m.149 views

Zircolite - A Standalone SIGMA-based Detection Tool For EVTX, Auditd And Sysmon For Linux Logs

Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for linux or JSONL/NDJSON Logs Zircolite is a standalone tool written in Python 3. It allows to use SIGMA rules on MS Windows EVTX EVTX and JSONL format, Auditd logs and Sysmon for Linux logs Zircolite can be used directly on the...

7AI score
Exploits0References15
Kitploit
Kitploit
added 2022/03/30 8:30 p.m.149 views

CVE-2022-27254 - PoC For Vulnerability In Honda's Remote Keyless System

PoC for vulnerability in Honda's Remote Keyless SystemCVE-2022-27254 Disclaimer: For educational purposes only. Kindly note that the discoverers for this vulnerability are Ayyappan Rajesh, a student at UMass Dartmouth and HackingIntoYourHeart. Others mentioned in this repository are credited for...

5.3CVSS6.2AI score0.01083EPSS
Exploits2References3
Kitploit
Kitploit
added 2021/07/20 9:30 p.m.149 views

Allsafe - Intentionally Vulnerable Android Application

Allsafe is an intentionally vulnerable application that contains various vulnerabilities. Unlike other vulnerable Android apps, this one is less like a CTF and more like a real-life application that uses modern libraries and technologies. Additionally, I have included some Frida based challenges...

8.9AI score
Exploits0References5
Kitploit
Kitploit
added 2021/01/04 8:30 p.m.149 views

EvtMute - Apply A Filter To The Events Being Reported By Windows Event Logging

This is a tool that allows you to offensively use YARA to apply a filter to the events being reported by windows event logging. Usage Grap the latest verison from here. EvtMuteHook.dll contains the core functionality, once it is injected it will apply a temporary filter which will allow all event...

7.6AI score
Exploits0References3
Kitploit
Kitploit
added 2020/05/13 12:30 p.m.149 views

Kaiten - A Undetectable Payload Generation

A Undetectable Payload Generation. This tool is for educational purpose only, usage of Kaiten for attacking targets without prior mutual consent is illegal. Developers assume no liability and are not responsible for any misuse or damage cause by this program. Official Kaiten Repository. What is i...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2019/12/13 11:30 a.m.149 views

Exploitivator - Automate Metasploit Scanning And Exploitation

This has only been tested on Kali. It depends on the msfrpc module for Python, described in detail here: https://www.trustwave.com/Resources/SpiderLabs-Blog/Scripting-Metasploit-using-MSGRPC/ Install the necessary Kali packages and the PostgreSQL gem for Ruby: apt-get install postgresql libpq-dev...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2019/08/21 1:30 p.m.149 views

Applepie - A Hypervisor For Fuzzing Built With WHVP And Bochs

Hello! Welcome to applepie! This is a tool designed for fuzzing, introspection, and finding bugs! This is a hypervisor using the Windows Hypervisor Platform API present in recent versions of Windows specifically this was developed and tested on Windows 10 17763. Bochs is used for providing deep...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2019/06/17 9:50 p.m.149 views

Kippo - SSH Honeypot

Kippo is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker. Kippo is inspired, but not based on Kojoney. Features Some interesting features: Fake filesystem with the ability to add/remove files. A fu...

7.1AI score
Exploits0References3
Kitploit
Kitploit
added 2019/05/06 9:49 p.m.149 views

PeekABoo - Tool To Enable Remote Desktop On The Targeted Machine

PeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. The tool only works if WinRM is enabled. Since Windows Server 2012 WinRM is enabled by default on all Windows server...

7.4AI score
Exploits0References3
Kitploit
Kitploit
added 2018/12/21 12:32 p.m.149 views

W3Brute - Automatic Web Application Brute Force Attack Tool

w3brute is an open source penetration testing tool that automates attacks directly to the website's login page. w3brute is also supported for carrying out brute force attacks on all websites. Features 1. Scanner: w3brute has a scanner feature that serves to support the bruteforce attack process...

8.7AI score
Exploits0References4
Kitploit
Kitploit
added 2018/05/29 10:38 p.m.149 views

Diskover - File System Crawler, Storage Search Engine And Analytics Powered By Elasticsearch

diskover is an open source file system crawler and disk usage software that uses Elasticsearch to index and manage data across heterogeneous storage systems. Using diskover, you are able to more effectively search and organize files and system administrators are able to manage storage...

7.2AI score
Exploits0References5
Kitploit
Kitploit
added 2017/12/16 8:35 p.m.149 views

Wazuh - Open Source Host and Endpoint Security

Wazuh helps you to gain deeper security visibility into your infrastructure by monitoring hosts at an operating system and application level. This solution, based on lightweight multi-platform agents, provides the following capabilities: Log management and analysis: Wazuh agents read operating...

7.5AI score
Exploits0References4
Kitploit
Kitploit
added 2013/11/04 3:21 a.m.149 views

[FoxOne] Free OSINT Tool - Server Reconnaissance Scanner

FoxOne is a free OSINT tool, described by the author th3j35t3r as a Non-Invasive and Non-Detectable Server Reconnaissance Scanner. Bypassing API limitations and currently detecting 6500+ vulnerable server paths/files – without ever touching the target server. Very good for getting hold of intel o...

9.8AI score
Exploits0
Kitploit
Kitploit
added 2021/01/17 8:30 p.m.148 views

ImHex - A Hex Editor For Reverse Engineers, Programmers And People That Value Their Eye Sight When Working At 3 AM.

A Hex Editor for Reverse Engineers, Programmers and people that value their eye sight when working at 3 AM. Features Featureful hex view Byte patching Patch management Copy bytes as feature Bytes Hex string C, C++, C, Rust, Python, Java & JavaScript array ASCII-Art hex view HTML self contained di...

7AI score
Exploits0References11
Kitploit
Kitploit
added 2020/06/30 9:30 p.m.148 views

Basecrack - Best Decoder Tool For Base Encoding Schemes

BaseCrack is a tool written in Python that can decode all alphanumeric base encoding schemes. This tool can accept single user input, multiple inputs from a file, input from argument, multi-encoded bases and decode them incredibly fast. Decode Base16, Base32, Base36, Base58, Base62, Base64,...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2020/06/14 1:0 p.m.148 views

URLCADIZ - A Simple Script To Generate A Hidden Url For Social Engineering

A simple script to generate a hidden url for social engineering. Legal disclaimer: Usage of URLCADIZ for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2019/11/29 9:3 p.m.148 views

Attack Monitor - Endpoint Detection And Malware Analysis Software

Attack Monitor is Python application written to enhance security monitoring capabilites of Windows 7/2008 and all later versions workstations/servers and to automate dynamic analysis of malware. Current modes mutually exclusive: Endpoint detection ED Malware analysis on dedicated Virtual Machine...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2019/11/16 1:42 p.m.148 views

Jaeles - The Swiss Army Knife For Automated Web Application Testing

Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner. Installation go get -u github.com/jaeles-project/jaeles Please visit the Official Documention for more details. Checkout Signature Repo for base signature. Usage More usage...

6.5CVSS6.8AI score0.94453EPSS
Exploits2References6
Kitploit
Kitploit
added 2019/09/30 12:0 p.m.148 views

Terraform AWS Secure Baseline - Terraform Module To Set Up Your AWS Account With The Secure Baseline Configuration Based On CIS Amazon Web Services Foundations

Terraform Module Registry A terraform module to set up your AWS account with the reasonably secure configuration baseline. Most configurations are based on CIS Amazon Web Services Foundations v1.2.0. See Benchmark Compliance to check which items in CIS benchmark are covered. Starting from v0.10.0...

7AI score
Exploits0References11
Kitploit
Kitploit
added 2019/08/09 9:30 p.m.148 views

BADministration - Tool Which Interfaces with Management or Administration Applications from an Offensive Standpoint

BADministration is a tool which interfaces with management or administration applications from an offensive standpoint. It attempts to provide offsec personnel a tool with the ability to identify and leverage these non-technical vulnerabilities. As always: use for good, promote security, and figh...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2019/07/20 10:0 p.m.148 views

GitGot - Semi-automated, Feedback-Driven Tool To Rapidly Search Through Troves Of Public Data On GitHub For Sensitive Secrets

GitGot is a semi-automated, feedback-driven tool to empower users to rapidly search through troves of public data on GitHub for sensitive secrets. How it Works During search sessions, users will provide feedback to GitGot about search results to ignore, and GitGot prunes the set of results. Users...

7.3AI score
Exploits0References4
Kitploit
Kitploit
added 2019/05/09 10:36 p.m.148 views

QRGen - Simple Script For Generating Malformed QRCodes

Simple Script For Generating Malformed QRCodes. These qrcodes are useful if you want to test some QRCode scanner's parser or how the application handle QRCode data. Down side of this tool: you need to manually scan codes with camera. Proof Installation What do you need: python3 qrcode Pillow...

7.9AI score
Exploits0References1
Kitploit
Kitploit
added 2018/09/02 9:33 p.m.148 views

Spykeyboard - Keylogger Which Sends Us The Data To Our Gmail

This is a script which allows us to generate an undetectable keylogger which sends the captured keys to our gmail mail. Once we generated our keylogger in our kali linux we would have to pass the .py file to a windows machine to convert it to an .exe. The tool is under development. Install module...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2018/07/04 9:49 p.m.148 views

Guasap - WhatsApp Forensic Tool

The Guasap Forensic implemented in Python under the GNU General Public License, for the extraction and analysis of files, data bases and logs for forensic WhatsApp. What it does? 1. Check root in device 2. Extract DB and multimedia files no root 3. Extract and analyze deleted messages and others ...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2016/06/03 11:4 p.m.148 views

Npcap - the Nmap Project's packet sniffing library for Windows

Npcap is an update of WinPcap to NDIS 6 Light-Weight Filter LWF technique. It supports Windows Vista, 7, 8 and 10 . It is sponsored by the Nmap Project and developed by Yang Luo under Google Summer of Code 2013 and 2015 . It also received many helpful tests from Wireshark and NetScanTools...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2021/02/27 11:30 a.m.147 views

Gatekeeper - First Open-Source DDoS Protection System

Gatekeeper is the first open source DoS protection system. It is designed to scale to any peak bandwidth, so it can withstand DoS attacks both of today and of tomorrow. In spite of the geographically distributed architecture of Gatekeeper, the network policy that describes all decisions that have...

6.8AI score
Exploits0References5
Kitploit
Kitploit
added 2021/02/02 11:30 a.m.147 views

BurpMetaFinder - Burp Suite Extension For Extracting Metadata From Files

Burp Suite extension for extracting metadata from files Currently supported documents: PDF DOCX PPTX XLSX The project created at Jetbrains has been completely added. Don't forget to change the settings you need. Usage You need to dowload 2 external libraries: pdfbox poi-ooxml To install the...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2019/12/27 8:56 p.m.147 views

Pown.js - A Security Testing An Exploitation Toolkit Built On Top Of Node.js And NPM

Pown.js is a security testing and exploitation toolkit built on top of Node.js and NPM. Unlike traditional security tools like Metasploits, Pown.js considers frameworks to be an anti-pattern. Therefore, each module in Pown is in fact a standalone NPM module allowing greater degree of reuse and...

7.3AI score
Exploits0References1
Total number of security vulnerabilities5000