Lucene search
+L
KitploitMost viewed

6011 matches found

kitploit
kitploit
added 2019/10/31 12:0 p.m.93 views

UBoat - HTTP Botnet Project

A POC HTTP Botnet designed to replicate a full weaponised commercial botnet Disclaimer This project should be used for authorized testing or educational purposes only. The main objective behind creating this offensive project was to aid security researchers and to enhance the understanding of...

7.6AI score
Exploits0References5
kitploit
kitploit
added 2018/11/30 8:15 p.m.93 views

XSSFuzzer - A Tool Which Generates XSS Payloads Based On User-Defined Vectors And Fuzzing Lists

XSS Fuzzer is a simple application written in plain HTML/JavaScript/CSS which generates XSS payloads based on user-defined vectors using multiple placeholders which are replaced with fuzzing lists. It offers the possibility to just generate the payloads as plain-text or to execute them inside an...

6.8AI score
Exploits0References1
kitploit
kitploit
added 2018/10/03 9:19 p.m.93 views

XenoScan - Open Source Memory Scanner Written In C++

XenoScan is a memory scanner which can be used to scan the memory of processes to locate the specific locations of important values. These types of tools are typically used when hacking video games, as they allow one to locate the values representing the game's state in memory. XenoScan is writte...

7.3AI score
Exploits0References1
kitploit
kitploit
added 2018/09/14 9:59 p.m.93 views

SVScanner - Scanner Vulnerability And Massive Exploit

Is a tool for scanning and massive exploits. Our tools target several open source cms. Getting Started with Linux 1. git clone https://github.com/radenvodka/SVScanner.git 2. cd SVScanner 3. php svscanner.php Getting Started with Windows 1. Download Xampp PHP7 2. Download SVScanner :...

7.3AI score
Exploits0References2
kitploit
kitploit
added 2014/05/29 10:25 p.m.93 views

Hook Analyser 3.1 - Malware Analysis Tool

Hook Analyser is a freeware application which allows an investigator/analyst to perform “static & run-time / dynamic” analysis of suspicious applications, also gather analyse & co-related threat intelligence related information or data from various open sources on the Internet. Essentially it’s a...

7.3AI score
Exploits0
kitploit
kitploit
added 2013/10/26 8:33 p.m.93 views

[Doona] Network Protocol Fuzzer

Doona is a fork of the Bruteforce Exploit Detector, it was renamed to avoid confusion as it has a large number of of changes. You should get a copy from github if you want to try it: https://github.com/wireghoul/doona. It's currently a little short on documentation, so I will let the changelog...

10AI score
Exploits0References1
kitploit
kitploit
added 2013/04/23 9:52 p.m.93 views

[Fern Wifi Cracker] Wireless security auditing and attack software to crack and recover WEP/WPA/WPS keys

Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library, the program is able to crack and recover WEP/WPA/WPS keys and also run other network based attacks on wireless or ethernet based networks...

7.5AI score
Exploits0
kitploit
kitploit
added 2024/03/24 11:30 a.m.92 views

Pentest-Muse-Cli - AI Assistant Tailored For Cybersecurity Professionals

Pentest Muse is an AI assistant tailored for cybersecurity professionals. It can help penetration testers brainstorm ideas, write payloads, analyze code, and perform reconnaissance. It can also take actions, execute command line codes, and iteratively solve complex tasks. Pentest Muse Web App In...

8AI score
Exploits0References1
kitploit
kitploit
added 2022/08/20 12:30 p.m.92 views

dnsReaper - Subdomain Takeover Tool For Attackers, Bug Bounty Hunters And The Blue Team!

DNS Reaper is yet another sub-domain takeover tool, but with an emphasis on accuracy, speed and the number of signatures in our arsenal! We can scan around 50 subdomains per second, testing each one with over 50 takeover signatures. This means most organisations can scan their entire DNS estate i...

7.2AI score
Exploits0References3
kitploit
kitploit
added 2021/07/29 9:30 p.m.92 views

Sniffle - A Sniffer For Bluetooth 5 And 4.X LE

Sniffle is a sniffer for Bluetooth 5 and 4.x LE using TI CC1352/CC26x2 hardware. Sniffle has a number of useful features, including: Support for BT5/4.2 extended length advertisement and data packets Support for BT5 Channel Selection Algorithms 1 and 2 Support for all BT5 PHY modes regular 1M, 2M...

6.7AI score
Exploits0References1
kitploit
kitploit
added 2021/07/05 12:30 p.m.92 views

Backstab - A Tool To Kill Antimalware Protected Processes

Have these local admin credentials but the EDR is standing in the way? Unhooking or direct syscalls are not working against the EDR? Well, why not just kill it? Backstab is a tool capable of killing antimalware protected processes by leveraging sysinternals’ Process Explorer ProcExp driver, which...

7.2AI score
Exploits0References2
kitploit
kitploit
added 2021/05/31 12:30 p.m.92 views

Bucky - An Automatic S3 Bucket Discovery Tool

Bucky is an automatic tool designed to discover S3 bucket misconfiguration, Bucky consists up of two modules Bucky firefox addon and Bucky backend engine. Bucky addon reads the source code of the webpages and uses Regular ExpressionRegex to match the S3 bucket used as Content Delivery NetworkCDN...

7.3AI score
Exploits0References3
kitploit
kitploit
added 2021/03/29 11:30 a.m.92 views

Boomerang - A Tool To Expose Multiple Internal Servers To Web/Cloud

Boomerang is a tool to expose multiple internal servers to web/cloud using HTTP+TCP Tunneling. The Server will expose 2 ports on the Cloud. One will be where tools like proxychains can connect over socks, another will be for the agent to connect. The agent can be executed on any internal host. Th...

7.4AI score
Exploits0References1
kitploit
kitploit
added 2020/10/21 8:30 p.m.92 views

MalwareSourceCode - Collection Of Malware Source Code For A Variety Of Platforms In An Array Of Different Programming Languages

Malware Source Code Collection !!! DISCLAIMER !!! We do not take any responsibility for any damage done by the code in this repository. Download, compile or run at your own risk Contents: This repository contains the source code for the following: . ├── Acad ├── Engines │ ├── BAT │ ├── Linux...

7.7AI score
Exploits0References1
kitploit
kitploit
added 2020/08/02 9:30 p.m.92 views

DeimosC2 - A Golang Command And Control Framework For Post-Exploitation

DeimosC2 is a post-exploitation Command & Control C2 tool that leverages multiple communication methods in order to control machines that have been compromised. DeimosC2 server and agents works on, and has been tested on, Windows, Darwin, and Linux. It is entirely written in Golang with a front e...

7.6AI score
Exploits0References11
kitploit
kitploit
added 2020/04/02 11:30 a.m.92 views

DigiTrack - Attacks For $5 Or Less Using Arduino

In 30 seconds, this attack can learn which networks a MacOS computer has connected to before, and plant a script that tracks the current IP address and Wi-Fi network every 60 seconds. Now includes: Hardtracker -Digispark VPN buster to send the IP address and BSSID/SSID of nearby Wi-Fi networks on...

7.3AI score
Exploits0References1
kitploit
kitploit
added 2020/03/17 8:30 p.m.92 views

Lazydocker - The Lazier Way To Manage Everything Docker

A simple terminal UI for both docker and docker-compose, written in Go with the gocui library. Minor rant incoming: Something's not working? Maybe a service is down. docker-compose ps. Yep, it's that microservice that's still buggy. No issue, I'll just restart it: docker-compose restart. Okay now...

6.9AI score
Exploits0References9
kitploit
kitploit
added 2020/02/03 11:37 a.m.92 views

Injectus - CRLF And Open Redirect Fuzzer

Simple python tool that goes through a list of URLs trying CRLF and open redirect payloads. ▪ ▐ ▄ ▐▄▄▄▄▄▄ . ▄▄· ▄▄▄▄▄▄• ▄▌.▄▄ · ██ •█▌▐█ ·██▀▄.▀·▐█ ▌▪•██ █▪██▌▐█ ▀. ▐█·▐█▐▐▌▪▄ ██▐▀▀▪▄██ ▄▄ ▐█.▪█▌▐█▌▄▀▀▀█▄ ▐█▌██▐█▌▐▌▐█▌▐█▄▄▌▐███▌ ▐█▌·▐█▄█▌▐█▄▪▐█ ▀▀▀▀ ██▪ ▀▀▀• ▀▀▀ ·▀▀▀ ▀▀▀ ▀▀▀ ▀▀▀▀ BOUNTYSTRIKE...

7.3AI score
Exploits0References2
kitploit
kitploit
added 2019/12/15 11:30 a.m.92 views

EXIST - Web Application For Aggregating And Analyzing Cyber Threat Intelligence

EXIST is a web application for aggregating and analyzing CTI cyber threat intelligence. EXIST is written by the following software. Python 3.5.4 Django 1.11.22 Concept EXIST is a web application for aggregating CTI to help security operators investigate incidents based on related indicators. EXIS...

6.6AI score
Exploits0References8
kitploit
kitploit
added 2018/12/03 8:55 p.m.92 views

PENTOL - Pentester Toolkit For Fiddler2

PENTOL - Pentester Toolkit is built as a plugin for the Fiddler HTTP debugging proxy. Features CORS DETECTED Cross-Origin Resource Sharing CRLF DETECTED HTTP response splitting Headers DETECTED X-Frame-Options USAGE Install Fiddler2 Open Fiddler2 Press Key CTRL + R or Rules Customize Rules... Cop...

7.4AI score
Exploits0References3
kitploit
kitploit
added 2018/01/29 12:57 p.m.92 views

Injectify - Perform Advanced MiTM Attacks On Websites With Ease

A modern BeEF inspired framework for the 21st century. Cross-platform clients = Web in-browser and Desktop Electron. Created from-scratch using pure NodeJS and Typescript. What can it do? Create a reverse Javascript shell between the victim and the attacker. Records keystrokes and logs them to a...

7.3AI score
Exploits0References5
kitploit
kitploit
added 2014/05/28 2:4 a.m.92 views

Kali Linux 1.0.7 Released

Kernel 3.14, Tool Updates, Package Improvements Kali linux 1.0.7 has just been released, complete with a whole bunch of tool updates, a new kernel, and some cool new features. Check out our changelog for a full list of these items. As usual, you don’t need to re-download or re-install Kali to...

7.3AI score
Exploits0
kitploit
kitploit
added 2023/05/22 12:30 p.m.91 views

Hades - Go Shellcode Loader That Combines Multiple Evasion Techniques

Hades is a proof of concept loader that combines several evasion technques with the aim of bypassing the defensive mechanisms commonly used by modern AV/EDRs. Usage The easiest way, is probably building the project on Linux using make. git clone https://github.com/f1zm0/hades && cd hades make The...

7.7AI score
Exploits0References10
kitploit
kitploit
added 2022/10/09 11:30 a.m.91 views

EvilnoVNC - Ready To Go Phishing Platform

EvilnoVNC is a Ready to go Phishing Platform. Unlike other phishing techniques, EvilnoVNC allows 2FA bypassing by using a real browser over a noVNC connection. In addition, this tool allows us to see in real time all of the victim's actions, access to their downloaded files and the entire browser...

7.3AI score
Exploits0References1
kitploit
kitploit
added 2022/06/09 9:30 p.m.91 views

Blackbird - An OSINT Tool To Search For Accounts By Username In 101 Social Networks

Blackbird An OSINT tool to search fast for accounts by username across 101 sites. The Lockheed SR-71 "Blackbird" is a long-range, high-altitude, Mach 3+ strategic reconnaissance aircraft developed and manufactured by the American aerospace company Lockheed Corporation. Disclaimer This or previous...

6.9AI score
Exploits0References4
kitploit
kitploit
added 2022/04/16 9:30 p.m.91 views

Kraken - A Multi-Platform Distributed Brute-Force Password Cracking System

Kraken is an online distributed brute force password cracking tool. It allows you to parallelize dictionaries and crunch word generator based cracking across multiple machines both as a web app in a web browser and as a standalone electron based client. Kraken aims to be easy to use, fault tolera...

7.6AI score
Exploits0References4
kitploit
kitploit
added 2021/12/28 11:30 a.m.91 views

Top 20 Most Popular Hacking Tools in 2021

As last year, this year we made a ranking with the most popular tools between January and December 2021. Topics of the tools focus on Phishing, Information Gathering, Automation Tools,, among others. Without going into further details, we have prepared a useful list of the most popular tools in...

7.3AI score
Exploits0
kitploit
kitploit
added 2021/10/04 11:30 a.m.91 views

Bopscrk - Tool To Generate Smart And Powerful Wordlists

bopscrk B efore O utset P aS sword CR acK ing is a tool to generate smart and powerful wordlists for targeted attacks. Included in BlackArch Linux pentesting distribution and Rawsec'sCybersecurity Inventory since August 2019. Targeted-attack wordlist creator : introduce personal info related to...

7.2AI score
Exploits0References3
kitploit
kitploit
added 2021/09/23 8:30 p.m.91 views

JSPanda - Client-Side Prototype Pullution Vulnerability Scanner

JSpanda is client-side prototype pollution vulnerability scanner. It has two key features, scanning vulnerability the supplied URLs and analyzing the JavaScript libraries' source code. However, JSpanda cannot detect advanced prototype pollution vulnerabilities. How JSPanda works? Uses multiple...

7.2AI score
Exploits0References7
kitploit
kitploit
added 2021/08/22 12:30 p.m.91 views

SQLancer - Detecting Logic Bugs In DBMS

SQLancer Synthesized Query Lancer is a tool to automatically test Database Management Systems DBMS in order to find logic bugs in their implementation. We refer to logic bugs as those bugs that cause the DBMS to fetch an incorrect result set e.g., by omitting a record. SQLancer operates in the...

7.8AI score
Exploits0References5
kitploit
kitploit
added 2021/07/23 9:30 p.m.91 views

In0ri - Defacement Detection With Deep Learning

In0ri is a defacement detection system utilizing a image-classification convolutional neural network. Introduction When monitoring a website, In0ri will periodically take a screenshot of the website then put it through a preprocessor that will resize the image down to 250x250px and numericalize t...

7.2AI score
Exploits0References2
kitploit
kitploit
added 2021/06/12 12:30 p.m.91 views

iOS Malicious Bit Hunter - A Malicious Plug-In Detection Eng ine For iOS Applications

iOS Malicious Bit Hunter is a malicious plug-in detection engine for iOS applications. It can analyze the head of the macho file of the injected dylib dynamic library based on runtime, and can perform behavior analysis through interface input characteristics to determine the behavior of the dynam...

7.5AI score
Exploits0References1
kitploit
kitploit
added 2021/05/14 12:30 p.m.91 views

R77-Rootkit - Fileless Ring 3 Rootkit With Installer And Persistence That Hides Processes, Files, Network Connections, Etc...

Ring 3 rootkit r77 is a ring 3 Rootkit that hides following entities from all processes: Files, directories, junctions, named pipes, scheduled tasks Processes CPU usage Registry keys & values Services TCP & UDP connections It is compatible with Windows 7 and Windows 10 in both x64 and x86 edition...

7.6AI score
Exploits0References1
kitploit
kitploit
added 2020/08/25 9:30 p.m.91 views

VolExp - Volatility Explorer

This program allows the user to access a Memory Dump. It can also function as a plugin to the Volatility Framework https://github.com/volatilityfoundation/volatility. This program functions similarly to Process Explorer/Hacker, but additionally it allows the user access to a Memory Dump or access...

6.9AI score
Exploits0References5
kitploit
kitploit
added 2020/08/03 9:30 p.m.91 views

Cnitch - Container Snitch Checks Running Processes Under The Docker Engine And Alerts If Any Are Found To Be Running As Root

cnitch snitch or container snitch is a simple framework and command line tool for monitoring Docker containers to identify any processes which are running as root. Why is this a bad thing? If you have not already been to can I haz non-privileged containers? by mhausenblas then I recommend you hea...

7.3AI score
Exploits0References3
kitploit
kitploit
added 2020/04/01 11:30 a.m.91 views

MSSQLi-DUET - SQL Injection Script For MSSQL That Extracts Domain Users From An Active Directory Environment Based On RID Bruteforcing

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing. Supports various forms of WAF bypass techniques through the implementation of SQLmap tamper functions. Additional tamper functions can be incorporated by the user depending on...

8.6AI score
Exploits0References1
kitploit
kitploit
added 2020/02/13 11:30 a.m.91 views

OpenRelayMagic - Tool To Find SMTP Servers Vulnerable To Open Relay

╔═╗┌─┐┌─┐┌┐┌╦═╗┌─┐┬ ┌─┐┬ ┬╔╦╗┌─┐┌─┐┬┌─┐ ║ ║├─┘├┤ │││╠╦╝├┤ │ ├─┤└┬┘║║║├─┤│ ┬││ ╚═╝┴ └─┘┘└┘╩╚═└─┘┴─┘┴ ┴ ┴ ╩ ╩┴ ┴└─┘┴└─┘ Tool to test for vulnerable open relays on SMTP servers Features Check single target/ domain list Port 587 and 465 Implemented Multithreaded Download OpenRelayMagic...

7.3AI score
Exploits0References1
kitploit
kitploit
added 2019/10/21 11:29 a.m.91 views

UAC-A-Mola - Tool That Allows Security Researchers To Investigate New UAC Bypasses, In Addition To Detecting And Exploiting Known Bypasses

UAC-A-Mola is a tool that allows security researchers to investigate new UAC bypasses, in addition to detecting and exploiting known bypasses. UAC-A-mola has modules to carry out the protection and mitigation of UAC bypasses. The strong point of uac-a-mola is that it was created so that other...

7.9AI score
Exploits0References1
kitploit
kitploit
added 2018/11/28 8:12 p.m.91 views

Mcreator - Encoded Reverse Shell Generator With Techniques To Bypass AV's

Encoded Reverse Shell Generator With Techniques To Bypass AV's Installation git clone https://github.com/blacknbunny/mcreator.git && cd mcreator/ && python mcreator.py Version python 2.7. can't be lower or higher than 2.7 cause of the """ syntax in scripts. Runnig mcreator console python...

7.3AI score
Exploits0References6
kitploit
kitploit
added 2018/06/30 2:7 p.m.91 views

Aker - SSH Bastion/Jump Host/Jumpserver

Aker is a security tool that helps you configure your own Linux ssh jump/bastion host. Named after an Egyptian mythology deity who guarded the borders, Aker would act as choke point through which all your sysadmins and support staff access Linux production servers. Aker SSH gateway includes a lot...

7.3AI score
Exploits0References4
kitploit
kitploit
added 2018/02/20 12:41 p.m.91 views

DVHMA - Damn Vulnerable Hybrid Mobile App (For Android) That Intentionally Contains Vulnerabilities

Damn Vulnerable Hybrid Mobile App DVHMA is an hybrid mobile app for Android that intentionally contains vulnerabilities. Its purpose is to enable security professionals to test their tools and techniques legally, help developers better understand the common pitfalls in developing hybrid mobile ap...

7.7AI score
Exploits0References1
kitploit
kitploit
added 2017/05/14 3:30 p.m.91 views

Pwntools - CTF Framework And Exploit Development Library

pwntools is a CTF framework and exploit development library. Written in Python, it is designed for rapid prototyping and development, and intended to make exploit writing as simple as possible. from pwn import contextarch = 'i386', os = 'linux' r = remote'exploitme.example.com', 31337 EXPLOIT COD...

7.2AI score
Exploits0References2
kitploit
kitploit
added 2017/04/05 2:25 p.m.91 views

morty - Privacy aware web content sanitizer proxy as a service

Web content sanitizer proxy as a service. Morty rewrites web pages to exclude malicious HTML tags and attributes. It also replaces external resource references to prevent third party information leaks. The main goal of morty is to provide a result proxy for searx , but it can be used as a...

6.8AI score
Exploits0References2
kitploit
kitploit
added 2015/03/19 12:36 a.m.91 views

ProxyDroid - Set Proxys (Http / Socks4 / Socks5) on your Android devices

ProxyDroid is an app that can help you to set the proxy http / socks4 / socks5 on your android devices. FEATURES 1. Support HTTP / HTTPS / SOCKS4 / SOCKS5 proxy 2. Support basic / NTLM / NTLMv2 authentication methods 3. Individual proxy for only one or several apps 4. Multiple profiles support 5...

7.5AI score
Exploits0
kitploit
kitploit
added 2013/12/18 12:21 a.m.91 views

[IP-reputation-snort-rule-generator] A tool to generate Snort rules based on public IP reputation data

A tool to generate Snort rules or Cisco IDS signatures based on public IP/domain reputation data. Usage ./tepig.pl --file=LOCALFILE | --url=URL --csv=FIELDNUM --sid=INITIALSID --ids=snort|cisco | --help LOCALFILE is a file stored locally that contains a list of malicious domains, IP addresses...

6.8AI score
Exploits0References2
kitploit
kitploit
added 2013/02/25 11:39 p.m.91 views

[Web-Sorrow] Tool for Misconfiguration, Version Detection, Enumeration, and Server Information Scanning

Web-Sorrow is a perl based tool for misconfiguration, version detection, enumeration, and server information scanning. It's entirely focused on Enumeration and collecting Info on the target server. Web-Sorrow is a "safe to run" program, meaning it is not designed to be an exploit or perform any...

9.8AI score
Exploits0
kitploit
kitploit
added 2024/05/02 12:30 p.m.90 views

C2-Cloud - The C2 Cloud Is A Robust Web-Based C2 Framework, Designed To Simplify The Life Of Penetration Testers

The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cloud. It can manage several simultaneous backdoor sessions with a user-friendly interface. C2 Clou...

7.4AI score
Exploits0References3
kitploit
kitploit
added 2021/07/24 9:30 p.m.90 views

Terraguard - Create And Destroy Your Own VPN Service Using WireGuard

This project's goal is to be simple to create and destroy your own VPN service using WireGuard. Prerequisites Terraform = 1.0.0 Ansible = 2.10.5 How to Deploy Terraform Run with sudo is necessary because we need permission on localhost to install packages, configure a network interface and start ...

7.4AI score
Exploits0References2
kitploit
kitploit
added 2021/05/15 9:30 p.m.90 views

CIMplant - C# Port Of WMImplant Which Uses Either CIM Or WMI To Query Remote Systems

C port of WMImplant which uses either CIM or WMI to query remote systems. It can use provided credentials or the current user's session. Note: Some commands will use PowerShell in combination with WMI, denoted with in the --show-commands command. Introduction CIMplant is a C rewrite and expansion...

7.5AI score
Exploits0References2
kitploit
kitploit
added 2021/04/16 9:30 p.m.90 views

IRTriage - Incident Response Triage - Windows Evidence Collection For Forensic Analysis

Scripted collection of system information valuable to a Forensic Analyst. IRTriage will automatically "Run As ADMINISTRATOR" in all Windows versions except WinXP. The original source was Triage-ir v0.851 an Autoit script written by Michael Ahrendt. Unfortunately Michael's last changes were posted...

7.1AI score
Exploits0References2
Total number of security vulnerabilities5000