Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2021/05/05 9:30 p.m.142 views

KubeArmor - Container-aware Runtime Security Enforcement System

Introduction to KubeArmor KubeArmor is a container-aware runtime security enforcement system that restricts the behavior such as process execution, file access, networking operation, and resource utilization of containers at the system level. KubeArmor operates with Linux security modules LSMs,...

7.3AI score
Exploits0References9
Kitploit
Kitploit
added 2021/01/15 11:30 a.m.142 views

Stegbrute - Fast Steganography Bruteforce Tool Written In Rust Useful For CTF's

stegbrute is a fast steganography brute force tool written in Rust using also threads to achieve a faster execution Dependencies Stegbrute cannot run without steghide!, to install steghide run : apt-get install -y steghide if you are not in a debian distribution you can download it from steghide...

7.2AI score
Exploits0References5
Kitploit
Kitploit
added 2020/12/09 11:30 a.m.142 views

Depix - Recovers Passwords From Pixelized Screenshots

Depix is a tool for recovering passwords from pixelized screenshots. This implementation works on pixelized images that were created with a linear box filter. In this article I cover background information on pixelization and similar research. Example python depix.py -p...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2020/08/06 12:30 p.m.142 views

Taowu - A CobaltStrike Toolkit

TaoWu檮杌 is a CobaltStrike toolkit. All the scripts are gathered on the Internet and slightly modified by myself. You can use it under GPLv3. And all on your own risk. Any PR is appreciated. Or you can contact me on E-mail [email protected] Let's make TaoWu better than ever together. Any...

7.3AI score
Exploits0References6
Kitploit
Kitploit
added 2020/02/07 9:0 p.m.142 views

SEcraper - Search Engine Scraper Tool With BASH Script.

Search engine scraper tool with BASH script. Dependency curl cli Available search engine Ask.com Search.yahoo.com Bing.com Installation git clone https://github.com/zerobyte-id/SEcraper.git cd SEcraper/ Run bash secraper.bash "QUERY" Download SEcraper...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2019/12/21 1:35 p.m.142 views

Findomain v0.9.3 - The Fastest And Cross-Platform Subdomain Enumerator

The fastest and cross-platform subdomain enumerator. What Findomain can do? It table gives you a idea why you should use findomain and what it can do for you. The domain used for the test was aol.com in the following BlackArch virtual machine: Host: KVM/QEMU Standard PC i440FX + PIIX, 1996...

7.4AI score
Exploits0References17
Kitploit
Kitploit
added 2019/02/17 8:49 p.m.142 views

Fibratus - Tool For Exploration And Tracing Of The Windows Kernel

Fibratus is a tool which is able to capture the most of the Windows kernel activity - process/thread creation and termination, context switches, file system I/O, registry, network activity, DLL loading/unloading and much more. The kernel events can be easily streamed to a number of output sinks...

7.1AI score
Exploits0References4
Kitploit
Kitploit
added 2019/01/03 8:41 p.m.142 views

SiteBroker - A Cross-Platform Python Based Utility For Information Gathering And Penetration Testing Automation!

A cross-platform python based utility for information gathering and penetration automation! Output Sitebroker's Full Output Requirements Python 2.7. Python pip Python module requests Python module colorama Python module dnspython Python module lxml Python module bs4 Install modules pip install -r...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2018/03/20 1:10 p.m.142 views

S3Scanner - Scan For Open S3 Buckets And Dump

A quick and dirty script to find unsecured S3 buckets and dump their contents. Using The tool has 2 parts: 1 - s3finder.py This script takes a list of domain names and checks if they're hosted on Amazon S3. Found S3 domains are output to file with their corresponding region in format...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2017/03/06 2:29 p.m.142 views

Stitch - Python Remote Administration Tool (RAT)

This is a cross platform python framework which allows you to build custom payloads for Windows, Mac OSX and Linux as well. You are able to select whether the payload binds to a specific IP and port, listens for a connection on a port, option to send an email of system info when the system boots,...

7.1AI score
Exploits0References5
Kitploit
Kitploit
added 2023/04/05 12:30 p.m.141 views

Grepmarx - A Source Code Static Analysis Platform For AppSec Enthusiasts

Grepmarx is a web application providing a single platform to quickly understand, analyze and identify vulnerabilities in possibly large and unknown code bases. Features SAST Static Analysis Security Testing capabilities: Multiple languages support: C/C++, C, Go, HTML, Java, Kotlin, JavaScript,...

7.8AI score
Exploits0References9
Kitploit
Kitploit
added 2022/06/21 9:30 p.m.141 views

Naabu - A Fast Port Scanner Written In Go With A Focus On Reliability And Simplicity

Naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really simple tool that does fast SYN/CONNECT scans on the host/list of hosts and lists all ports that return a reply. Features Fast And Simple SYN/CONNECT probe...

7AI score
Exploits0References4
Kitploit
Kitploit
added 2020/02/22 12:30 p.m.141 views

OWASP D4N155 - Intelligent And Dynamic Wordlist Using OSINT

It's an information security audit tool that creates intelligent wordlists based on the content of the target page. Help us See some calculations used Install Need to: Python3.6, Bash GNU Bourne-Again SHell Optional: Git, Groff git clone https://github.com/owasp/D4N155.git cd D4N155 pip3 install ...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2020/01/06 8:55 p.m.141 views

LKWA - Lesser Known Web Attack Lab

Lesser Known Web Attack Lab is for intermediate pentester that can test and practice lesser known web attacks such as Object Injection, XSSI, PHAR Deserialization, variables variable ..etc. Write-ups are welcome. Installation Just clone the git with git clone https://github.com/weev3/LKWA and mov...

7.7AI score
Exploits0References1
Kitploit
Kitploit
added 2019/11/03 12:30 p.m.141 views

Fail2Ban - Daemon To Ban Hosts That Cause Multiple Authentication Errors

Fail2Ban scans log files like /var/log/auth.log and bans IP addresses conducting too many failed login attempts. It does this by updating system firewall rules to reject new connections from those IP addresses, for a configurable amount of time. Fail2Ban comes out-of-the-box ready to read many...

7.4AI score
Exploits0References3
Kitploit
Kitploit
added 2019/03/18 8:25 p.m.141 views

Armory - A Tool Meant To Take In A Lot Of External And Discovery Data From A Lot Of Tools, Add It To A Database And Correlate All Of Related Information

Armory is a tool meant to take in a lot of external and discovery data from a lot of tools, add it to a database and correlate all of related information. It isn't meant to replace any specific tool. It is meant to take the output from various tools, and use it to feed other tools. Additionally, ...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2017/01/01 2:10 p.m.141 views

Hakku Framework - Simple Penetration Testing Framework

Hakku is simple framework that has been made for penetration testing tools. Hakku framework offers simple structure, basic CLI, and useful features for penetration testing tools developing. Hakku is on early stages and may be unstable, so please download the released versions from github or...

6.8AI score
Exploits0References3
Kitploit
Kitploit
added 2023/06/09 8:6 a.m.141 views

Kali Linux 2023.2 - Penetration Testing and Ethical Hacking Linux Distribution

Time for another Kali Linux release! – Kali Linux 2023.2. This release has various impressive updates. The changelog highlights over the last few weeks since March’s release of 2023.1 is: New VM image for Hyper-V - With “Enhanced Session Mode” out of the box Xfce audio stack update: enters...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2022/12/28 11:30 a.m.140 views

Top 20 Most Popular Hacking Tools in 2022

As last year, this year we made a ranking with the most popular tools between January and December 2022. Topics of the tools focus on Phishing, Information Gathering, Automation Tools, among others. Without going into further details, we have prepared a useful list of the most popular tools in...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2021/01/30 8:30 p.m.140 views

PSC - E2E Encryption For Multi-Hop Tty Sessions Or Portshells + TCP/UDP Port Forward

DNS lookup and SSH session forwarded across an UART connection to a Pi PSC allows to e2e encrypt shell sessions, single- or multip-hop, being agnostic of the underlying transport, as long as it is reliable and can send/receive Base64 encoded data without modding/filtering. Along with the e2e pty...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2020/12/06 11:30 a.m.140 views

Karkinos - Penetration Testing And Hacking CTF's Swiss Army Knife With: Reverse Shell Handling - Encoding/Decoding - Encryption/Decryption - Cracking Hashes / Hashing

Karkinos is a light-weight 'Swiss Army Knife' for penetration testing and/or hacking CTF's. Currently, Karkinos offers the following: Encoding/Decoding characters Encrypting/Decrypting text or files Reverse shell handling Cracking and generating hashes Dependancies Any server capable of hosting...

7.4AI score
Exploits0References2
Kitploit
Kitploit
added 2020/11/06 11:30 a.m.140 views

Tempomail - Generate A Custom Email Address In 1 Second And Receive Emails

tempomail is a standalone binary that allows you to create a temporary email address in 1 Second and receive emails. It uses 1secmail's API. No dependencies required! Installation From Binary Download the pre-built binaries for different platforms from the releases page. Extract them using tar,...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2020/03/26 12:0 p.m.140 views

RapidPayload - Metasploit Payload Generator

Framework RapidPayload - Metasploit Payload Generator Requirements OpenJDK 8 JAVA, or superiors versions. Metasploit Apktool Python3 Execution: git clone https://github.com/AngelSecurityTeam/RapidPayload cd RapidPayload bash install.sh python3 RapidPayload.py AngelSecurityTeam Download RapidPaylo...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2019/12/08 9:4 p.m.140 views

Ngrev - Tool For Reverse Engineering Of Angular Applications

Graphical tool for reverse engineering of Angular projects. It allows you to navigate in the structure of your application and observe the relationship between the different modules, providers, and directives. The tool performs static code analysis which means that you don't have to run your...

7.4AI score
Exploits0References3
Kitploit
Kitploit
added 2019/05/13 9:10 p.m.140 views

Horn3t - Powerful Visual Subdomain Enumeration At The Click Of A Mouse

Horn3t is your Nr 1 tool for exploring subdomains visually. Building on the great Sublist3r framework or extensible with your favorite one it searches for subdomains and generates awesome picture previews. Get a fast overview of your target with http status codes, add custom found subdomains and...

7.3AI score
Exploits0References5
Kitploit
Kitploit
added 2019/03/28 12:14 p.m.140 views

Mutiny Fuzzing Framework - Network Fuzzer That Operates By Replaying PCAPs Through A Mutational Fuzzer

The Mutiny Fuzzing Framework is a network fuzzer that operates by replaying PCAPs through a mutational fuzzer. The goal is to begin network fuzzing as quickly as possible, at the expense of being thorough. The general workflow for Mutiny is to take a sample of legitimate traffic, such as a browse...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2019/03/12 8:43 p.m.140 views

Hostintel - A Modular Python Application To Collect Intelligence For Malicious Hosts

This tool is used to collect various intelligence sources for hosts. Hostintel is written in a modular fashion so new intelligence sources can be easily added. Hosts are identified by FQDN host name, Domain, or IP address. This tool only supports IPv4 at the moment. The output is in CSV format an...

7.1AI score
Exploits0References12
Kitploit
Kitploit
added 2019/01/13 8:37 p.m.140 views

Twifo-Cli - Get User Information Of A Twitter User

Get user information of a Twitter user! Install $ npm install --global twifo-cli OR $ sudo npm install --global twifo-cli Usage $ Usage: twifo Example: $ twifo 9gag Related twifo : API for this tool. quorafy: Get user information of a Quora user. Download Twifo-Cli...

7AI score
Exploits0References3
Kitploit
Kitploit
added 2016/10/21 2:21 p.m.140 views

ir-rescue - A Windows Batch Script To Comprehensively Collect Host Forensic Data

ir-rescue is a lightweight Windows Batch script that collects a myriad of forensic data from 32-bit and 64-bit Windows systems while respecting the order of volatility and artifacts that are changed with the execution of the script e.g. , prefetch files. It is intended for incident response use a...

7AI score
Exploits0References5
Kitploit
Kitploit
added 2013/11/04 3:33 a.m.140 views

[Retire.js] Command line Scanner and Chrome plugin

Retire.js is a command line scanner that helps you identify dependencies with known vulnerabilites in your application. Using the provided Grunt plugin you can easily include Retire.js into your build process. Retire.js also provides a chrome extension allowing you to detect libraries while surfi...

9.9AI score
Exploits0References1
Kitploit
Kitploit
added 2019/10/30 9:0 p.m.139 views

ThreatIngestor - Extract And Aggregate Threat Intelligence

An extendable tool to extract and aggregate IOCs from threat feeds. Integrates out-of-the-box with ThreatKB and MISP, and can fit seamlessly into any existing worflow with SQS, Beanstalk, and custom plugins. Overview ThreatIngestor can be configured to watch Twitter, RSS feeds, or other sources,...

6.9AI score
Exploits0References5
Kitploit
Kitploit
added 2019/10/28 12:0 p.m.139 views

Cryptovenom - The Cryptography Swiss Army Knife

CryptoVenom: The Cryptography Swiss Army knife What is CryptoVenom? CryptoVenom is an OpenSource tool which contains a lot of cryptosystems and cryptoanalysis methods all in one, including classical algorithms, hash algorithms, encoding algorithms, logic gates, mathematical functions, modern...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2019/10/26 8:49 p.m.139 views

Tails 4.0 - Live System to Preserve Your Privacy and Anonymity

Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously and circumvent censorship almost anywhere you go and on any computer but leaving no trace unless you ask it to explicitly. It is a complete operating system designed to be used fr...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2019/10/22 12:0 p.m.139 views

Osmedeus v2.1 - Fully Automated Offensive Security Framework For Reconnaissance And Vulnerability Scanning

Osmedeus allows you automated run the collection of awesome tools to reconnaissance and vulnerability scanning against the target. Installation git clone https://github.com/j3ssie/Osmedeus cd Osmedeus ./install.sh This install only focus on Kali linux, check more install on Usage page How to use ...

7.2AI score
Exploits0References7
Kitploit
Kitploit
added 2019/04/29 12:46 p.m.139 views

OSINT-Search - Useful For Digital Forensics Investigations Or Initial Black-Box Pentest Footprinting

OSINT-Search is a useful tool for digital forensics investigations or initial black-box pentest footprinting. OSINT-Search Description Script in Python that applies OSINT techniques by searching public data using email addresses, phone numbers, domains, IP addresses or URLs. Create an account at...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2019/04/20 1:12 p.m.139 views

Raptor WAF v0.6 - Web Application Firewall using DFA

Raptor is a Web application firewall made in C, uses DFA to block SQL injection, Cross site scripting and path traversal. http://funguscodes.blogspot.com.br/ to run: $ git clone https://github.com/CoolerVoid/raptorwaf $ cd raptorwaf; make; bin/raptor Note: Don't execute with "cd bin; ./raptor" us...

7.6AI score
Exploits0References3
Kitploit
Kitploit
added 2019/04/16 9:47 p.m.139 views

SilkETW - Flexible C# Wrapper For ETW (Event Tracing for Windows)

SilkETW is a flexible C wrapper for ETW, it is meant to abstract away the complexities of ETW and give people a simple interface to perform research and introspection. While SilkETW has obvious defensive and offensive applications it is primarily a research tool in it's current state. For easy...

7.1AI score
Exploits0References3
Kitploit
Kitploit
added 2017/08/23 3:18 p.m.139 views

WPScan v2.9.4 - Black Box WordPress Vulnerability Scanner

WPScan is a black box WordPress vulnerability scanner. INSTALL WPScan comes pre-installed on the following Linux distributions: BackBox Linux Kali Linux Pentoo SamuraiWTF BlackArch On macOS WPScan is packaged by Homebrew as wpscan. Windows is not supported We suggest you use the official Docker...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2024/01/08 11:30 a.m.138 views

CATSploit - An Automated Penetration Testing Tool Using Cyber Attack Techniques Scoring

CATSploit is an automated penetration testing tool using Cyber Attack Techniques Scoring CATS method that can be used without pentester. Currently, pentesters implicitly made the selection of suitable attack techniques for target systems to be attacked. CATSploit uses system configuration...

7.5CVSS8.3AI score0.99974EPSS
Exploits40References1
Kitploit
Kitploit
added 2021/02/04 11:30 a.m.138 views

Phpvuln - Audit Tool To Find Common Vulnerabilities In PHP Source Code

phpvuln is an open source OWASP penetration testing tool written in Python 3, that can speed up the the process of finding common PHP vulnerabilities in PHP code, i.e. command injection, local/remote file inclusion and SQL injection. Installation You can download phpvuln by cloning the Git...

8.2AI score
Exploits0References1
Kitploit
Kitploit
added 2020/12/27 8:30 p.m.138 views

Wynis - Audit Windows Security With Best Practice

Just a powershell scripts for auditing security with CIS BEST Practices Windows 10 and Window Server 2016 You just need to run the script, it will create a directory named : AUDITCONF%DATE% The directory output will contain the files belows: -Antivirus-%COMPUTERNAME% : List installed Antivirus...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2020/01/06 11:30 a.m.138 views

Multiscanner - Modular File Scanning/Analysis Framework

MultiScanner is a file analysis framework that assists the user in evaluating a set of files by automatically running a suite of tools for the user and aggregating the output. Tools can be custom built Python scripts, web APIs, software running on another machine, etc. Tools are incorporated by...

6.9AI score
Exploits0References2
Kitploit
Kitploit
added 2019/12/24 8:20 p.m.138 views

Pylane - An Python VM Injector With Debug Tools, Based On GDB

Pylane is a python vm injector with debug tools, based on gdb and ptrace. Pylane uses gdb to trace python process, inject and run some code in its python vm. Usage use inject command to inject a python script in an process: pylane inject use shell command to inject an interactive shell: pylane...

7.6AI score
Exploits0References1
Kitploit
Kitploit
added 2019/11/27 11:30 a.m.138 views

Kali Linux 2019.4 Release - Penetration Testing and Ethical Hacking Linux Distribution

We are incredibly excited to announce our fourth and final release of 2019, Kali Linux 2019.4. 2019.4 includes some exciting new updates: A new default desktop environment, Xfce New GTK3 theme for Gnome and Xfce Introduction of “Kali Undercover” mode Kali Documentation has a new home and is now G...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2019/07/02 1:30 p.m.138 views

SQLMap v1.3.7 - Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...

8.5AI score
Exploits0References20
Kitploit
Kitploit
added 2019/03/27 12:5 p.m.138 views

LAPSToolkit - Tool To Audit And Attack LAPS Environments

Functions written in PowerShell that leverage PowerView to audit and attack Active Directory environments that have deployed Microsoft's Local Administrator Password Solution LAPS. It includes finding groups specifically delegated by sysadmins, finding users with "All Extended Rights" that can vi...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2019/03/20 8:14 p.m.138 views

Goscan - Interactive Network Scanner

GoScan is an interactive network scanner client, featuring auto-completion, which provides abstraction and automation over nmap. Although it started as a small side-project I developed in order to learn @golang, GoScan can now be used to perform host discovery, port scanning, and service...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2019/02/27 12:45 p.m.138 views

Ophcrack - A Windows Password Cracker Based On Rainbow Tables

Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms. Features: Runs on Windows, Linux/Unix, Mac OS X, ... Cracks LM...

7.5AI score
Exploits0
Kitploit
Kitploit
added 2013/10/26 8:35 p.m.138 views

[SterJo Wireless Passwords v.1.4] Utility for recovering your lost wireless passwords of your network

SterJo Wireless Password is FREE utility for recovering your lost wireless passwords of your network. As the number of devices using wireless network increases same as the need for more security, it often may happen your password containing letters, numbers and special characters to be forgotten ...

10AI score
Exploits0
Kitploit
Kitploit
added 2021/09/09 11:30 a.m.137 views

Graphw00F - GraphQL fingerprinting tool for GQL endpoints

Credits to Nick Aleks for the logo! How does it work? graphw00f inspired by wafw00f is the GraphQL fingerprinting tool for GQL endpoints, it sends a mix of benign and malformed queries to determine the GraphQL engine running behind the scenes. graphw00f will provide insights into what security...

7.2AI score
Exploits0References6
Total number of security vulnerabilities5000