Lucene search
+L
KitploitMost viewed

6011 matches found

kitploit
kitploit
added 2018/12/07 8:49 p.m.76 views

Osweep - Don't Just Search OSINT, Sweep It

If you work in IT security, then you most likely use OSINT to help you understand what it is that your SIEM alerted you on and what everyone else in the world understands about it. More than likely you are using more than one OSINT service because most of the time OSINT will only provide you with...

7.2AI score
Exploits0References3
kitploit
kitploit
added 2018/10/15 9:7 p.m.76 views

Nameles - Open Source Entropy Based Invalid Traffic Detection And Pre-Bid Filtering

Nameles provides an easy to deploy, scalable IVT detection and filtering solution that is proven to detect at a high level of accuracy ad fraud and other types of invalid traffic such as web scraping. For a high level overview you might want to check out the website If you have any questions or...

7AI score
Exploits0References5
kitploit
kitploit
added 2018/10/05 12:3 p.m.76 views

DbgShell - A PowerShell Front-End For The Windows Debugger Engine

A PowerShell front-end for the Windows debugger engine. Ready to tab your way to glory? For a quicker intro, take a look at Getting Started. Disclaimers 1. This project is not produced, endorsed, or monitored by the Windows debugger team. While the debugger team welcomes feedback about their API...

6.6AI score
Exploits0References9
kitploit
kitploit
added 2018/10/04 12:45 p.m.76 views

DarkSpiritz - A Penetration Testing Framework For UNIX Systems

What is DarkSpiritz? Created by the SecTel Team it was a project of one of the owners to update and clean-up an older pentesting framework he had created to something updated and modern. DarkSpiritz is a re-vamp of the very popular framework known as "Roxysploit". You may be familiar with this...

7.4AI score
Exploits0References2
kitploit
kitploit
added 2018/08/01 9:49 p.m.76 views

WindowsSpyBlocker - Block Spying And Tracking On Windows

WindowsSpyBlocker is an application written in Go and delivered as a single executable to block spying and tracking on Windows systems. The initial approach of this application is to capture and analyze network traffic based on a set of tools. It is open for everyone and if you want to contribute...

7AI score
Exploits0References18
kitploit
kitploit
added 2018/06/07 10:10 p.m.76 views

AutoSQLi - An Automatic SQL Injection Tool Which Takes Advantage Of Googler, Ddgr, WhatWaf And SQLMap

An Automatic SQL Injection Tool Which Takes Advantage Of DorkNet Googler, Ddgr, WhatWaf And Sqlmap. Features Save System - there is a complete save system, which can resume even when your pc crashed. - technology is cool Dorking - from the command line one dork : YES - from a file: NO - from an...

8.4AI score
Exploits0References2
kitploit
kitploit
added 2018/06/07 2:10 p.m.76 views

Wifite 2.1.0 - Automated Wireless Attack Tool

A complete re-write of wifite, a Python script for auditing wireless networks. Wifite runs existing wireless-auditing tools for you. Stop memorizing command arguments & switches! What's new in Wifite2? Less bugs Cleaner process management. Does not leave processes running in the background the ol...

7.5AI score
Exploits0References3
kitploit
kitploit
added 2017/08/12 2:26 p.m.76 views

jadx - Dex to Java Decompiler

jadx - Dex to Java decompiler Command line and GUI tools for produce Java source code from Android Dex and Apk files. Building from source git clone https://github.com/skylot/jadx.git cd jadx ./gradlew dist on Windows, use gradlew.bat instead of ./gradlew Scripts for run jadx will be placed in...

7.6AI score
Exploits0References1
kitploit
kitploit
added 2017/05/04 2:30 p.m.76 views

mimipenguin - A Tool To Dump The Login Password From The Current Linux User

A tool to dump the login password from the current linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz. Details Takes advantage of cleartext credentials in memory by dumping the process and extracting lines that have a high probability of containing cleartext...

7.4AI score
Exploits0References1
kitploit
kitploit
added 2017/02/20 1:48 p.m.76 views

BeeLogger - Generate Emailing Keyloggers to Windows on Linux

Generate gmail emailing keyloggers to windows on linux, powered by python and compiled by pyinstaller. Features Send logs each 120 seconds. Send logs when chars 50. Send logs with gmail. Some Phishing methods are included. Multiple Session disabled. Bypass UAC. Prerequisites apt wine wget Linux...

7.3AI score
Exploits0References1
kitploit
kitploit
added 2016/05/19 11:30 p.m.76 views

transfer.sh - Easy and Fast File Sharing from the Command-line

Easy and fast file sharing from the command-line. This code contains the server with everything you need to create your own instance. Transfer.sh support currently the s3 Amazon S3 provider and local file system local. Usage Upload: $ curl --upload-file ./hello.txt https://transfer.sh/hello.txt...

7.3AI score
Exploits0References1
kitploit
kitploit
added 2015/07/10 3:31 p.m.76 views

Johnny - GUI for John the Ripper

Johnny is a cross-platform open-source GUI for the popular password cracker John the Ripper. Features 1. user could start, pause and resume attack though only one session is allowed globally, 2. all attack related options work, 3. all input file formats are supported pure hashes, pwdump, passwd,...

7.1AI score
Exploits0
kitploit
kitploit
added 2014/08/01 12:56 a.m.76 views

FuckShitUp - Multi Vulnerabilities Scanner written in PHP

Basically, FSU is bunch of tools written in PHP-CLI. Using build-in functions, you are able to grab url's using search engines - and so, dork for interesting files and full path disclosures. Using list of url's, scanner will look for Cross Site Scripting, Remote File Inclusion, SQL Injection and...

8.7AI score
Exploits0References4
kitploit
kitploit
added 2014/02/12 10:45 p.m.76 views

[SecLists] Collection of multiple types of lists used during security assessments

SecLists is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more. The goal is to enable a security tester to pull this repo onto a new testing box and have access to...

6.7AI score
Exploits0References1
kitploit
kitploit
added 2025/04/12 12:30 p.m.75 views

QuickResponseC2 - A Command & Control Server That Leverages QR Codes To Send Commands And Receive Results From Remote Systems

QuickResponseC2 is a stealthy Command and Control C2 framework that enables indirect and covert communication between the attacker and victim machines via an intermediate HTTP/S server. All network activity is limited to uploading and downloading images, making it an fully undetectable by IPS/IDS...

8.2AI score
Exploits0References1
kitploit
kitploit
added 2024/06/02 12:30 p.m.75 views

EvilSlackbot - A Slack Bot Phishing Framework For Red Teaming Exercises

EvilSlackbot A Slack Attack Framework for conducting Red Team and phishing exercises within Slack workspaces. Disclaimer This tool is intended for Security Professionals only. Do not use this tool against any Slack workspace without explicit permission to test. Use at your own risk. Background...

7AI score
Exploits0References1
kitploit
kitploit
added 2023/07/18 12:30 p.m.75 views

Blackbone - Windows Memory Hacking Library

Windows memory hacking library Features x86 and x64 support Process interaction Manage PEB32/PEB64 Manage process through WOW64 barrier Process Memory Allocate and free virtual memory Change memory protection Read/Write virtual memory Process modules Enumerate all 32/64 bit modules loaded...

8AI score
Exploits0References1
kitploit
kitploit
added 2023/01/23 11:30 a.m.75 views

SQLiDetector - Helps You To Detect SQL Injection "Error Based" By Sending Multiple Requests With 14 Payloads And Checking For 152 Regex Patterns For Different Databases

Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases. +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- | S|Q|L|i|...

8.8AI score
Exploits0References4
kitploit
kitploit
added 2022/06/08 12:30 p.m.75 views

Socialhunter - Crawls The Website And Finds Broken Social Media Links That Can Be Hijacked

Crawls the given URL and finds broken social media links that can be hijacked. Broken social links may allow an attacker to conduct phishing attacks. It also can cost a loss of the company's reputation. Broken social media hijack issues are usually accepted on the bug bounty programs. Currently, ...

7.1AI score
Exploits0References2
kitploit
kitploit
added 2021/12/27 11:30 a.m.75 views

Snap-Scraper - Snap Scraper Enables Users To Download Media Uploaded To Snapchat's Snap Map Using A Set Of Latitude And Longitude Coordinates

Snap Scraper is an open source intelligence tool which enables users to download media uploaded to Snapchat's Snap Map using a set of latitude and longitiude co-ordinates. This project is in no way affiliated with, authorized, maintained, sponsored or endorsed by Snap inc. or any of its affiliate...

7.2AI score
Exploits0References2
kitploit
kitploit
added 2021/07/27 12:30 p.m.75 views

Reconmap - VAPT (Vulnerability Assessment And Penetration Testing) Automation And Reporting Platform

Reconmap is a vulnerability assessment and penetration testing VAPT platform. It helps software engineers and infosec pros collaborate on security projects, from planning, to implementation and documentation. The tool's aim is to go from recon to report in the least possible time. Demo Details on...

7.3AI score
Exploits0References8
kitploit
kitploit
added 2021/01/22 11:30 a.m.75 views

MetaFinder - Search For Documents In A Domain Through Google

Search For Documents In A Domain Through Google. The Objective Is To Extract Metadata. Installing dependencies: git clone https://github.com/Josue87/MetaFinder.git cd MetaFinder pip3 install -r requirements.txt Usage python3 metafinder.py -t domain.com -l 20 -v Parameters: t: Specifies the target...

7.2AI score
Exploits0References1
kitploit
kitploit
added 2020/11/07 11:30 a.m.75 views

Threagile - Agile Threat Modeling Toolkit

Threagile see https://threagile.io for more details is an open-source toolkit for agile threat modeling: It allows to model an architecture with its assets in an agile fashion as a YAML file directly inside the IDE. Upon execution of the Threagile toolkit all standard risk rules as well as...

7.2AI score
Exploits0References1
kitploit
kitploit
added 2020/06/08 12:30 p.m.75 views

Tangalanga - The Zoom Conference Scanner Hacking Tool

Zoom Conference scanner. This scanner will check for a random meeting id and return information if available. Usage This are all the possible flags: tangalanga \ -token=user-token \ default: env TOKEN user token to use. -colors=false \ default: true enable/disable colors -censor=true \ default:...

7AI score
Exploits0References1
kitploit
kitploit
added 2020/02/24 9:0 p.m.75 views

Dnssearch - A Subdomain Enumeration Tool

This software is a subdomain enumeration tool. Purpose dnssearch takes an input domain -domain parameter and a wordlist -wordlist parameter , it will then perform concurrent DNS requests using the lines of the wordlist as sub domains eventually bruteforcing every sub domain available on the top...

7.3AI score
Exploits0References1
kitploit
kitploit
added 2020/01/14 8:30 p.m.75 views

Gtfo - Search For Unix Binaries That Can Be Exploited To Bypass System Security Restrictions

This is a standalone script written in Python 3 for GTFOBins. You can search for Unix binaries that can be exploited to bypass system security restrictions. These binaries can be abused to get the fk break out of restricted shells, escalate privileges, transfer files, spawn bind and reverse shell...

7.5AI score
Exploits0References2
kitploit
kitploit
added 2020/01/12 11:30 a.m.75 views

Heapinspect - Inspect Heap In Python

HeapInspect is designed to make heap much more prettier. Now this tool is aplugin of nadbg. Try it! Features Free of gdb and other requirement Multi glibc support 2.19, 2.23-2.27 currently tested both 32bit and 64bit Nice UI to show heap HeapShower detailed PrettyPrinter colorful, summary Heapdif...

7.4AI score
Exploits0References2
kitploit
kitploit
added 2019/11/20 12:0 p.m.75 views

Ddoor - Cross Platform Backdoor Using Dns Txt Records

Cross-platform backdoor using dns txt records. What is ddor? ddor is a cross platform light weight backdoor that uses txt records to execute commands on infected machines. Features Allows a single txt record to have seperate commands for both linux and windows machines List of around 10 public DN...

7.5AI score
Exploits0References1
kitploit
kitploit
added 2019/11/13 11:41 a.m.75 views

NetAss2 - Network Assessment Assistance Framework

Easier network scanning with NetAss2 Network Assessment Assistance Framework. Make it easy for Pentester to do penetration testing on network. Dependencies nmap tool zmap tool Installation git clone https://github.com/zerobyte-id/NetAss2.git cd NetAss2 sudo chmod +x install.bash sudo ./install.ba...

7.3AI score
Exploits0References1
kitploit
kitploit
added 2019/08/07 10:21 p.m.75 views

KRF - A Kernelspace Randomized Faulter

KRF is a K ernelspace R andomized F aulter. It currently supports the Linux and FreeBSD kernels. What? Fault injection is a software testing technique that involves inducing failures "faults" in the functions called by a program. If the callee has failed to perform proper error checking and...

7.6AI score
Exploits0References1
kitploit
kitploit
added 2018/10/09 9:48 p.m.75 views

Clrinject - Injects C# EXE Or DLL Assembly Into Every CLR Runtime And AppDomain Of Another Process

Injects C EXE or DLL Assembly into any CLR runtime and AppDomain of another process. The injected assembly can then access static instances of the injectee process's classes and therefore affect it's internal state. Usage clrinject-cli.exe -p -a Opens process with id or name , inject EXE and...

7.5AI score
Exploits0References1
kitploit
kitploit
added 2018/04/30 12:2 p.m.75 views

RedHunt OS - Virtual Machine For Adversary Emulation And Threat Hunting

Virtual Machine for Adversary Emulation and Threat Hunting RedHunt aims to be a one stop shop for all your threat emulation and threat hunting needs by integrating attacker's arsenal as well as defender's toolkit to actively identify the threats in your environment. Base Machine: Lubuntu-17.10.1...

7.2AI score
Exploits0References14
kitploit
kitploit
added 2017/09/03 9:30 p.m.75 views

Demiguise - HTA Encryption Tool for RedTeams

What does it do? The aim of this project is to generate .html files that contain an encrypted HTA file. The idea is that when your target visits the page, the key is fetched and the HTA is decrypted dynamically within the browser and pushed directly to the user. This is an evasion technique to ge...

7.6AI score
Exploits0References4
kitploit
kitploit
added 2016/04/30 9:12 p.m.75 views

Hob0Rules - Password cracking rules for Hashcat based on statistics and industry patterns

Password cracking rules for Hashcat based on statistics and industry patterns. The following blog posts on passwords explain the statistical signifigance of these rulesets: Statistics Will Crack Your Password Praetorian Password Cracking Rules Released Useful wordlists to utilize with these rules...

7.7AI score
Exploits0References1
kitploit
kitploit
added 2025/05/09 12:30 p.m.74 views

Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale

Implement and monitor Appsec control at scale. Requirements NodeJS 20.13 Tested on Mac Ubuntu How to install $ git clone [email protected]:mf-labs/witcher.git $ cd witcher $ npm i Build a Docker image $ git clone [email protected]:mf-labs/witcher.git $ cd witcher $ docker build -t witch...

7.6AI score
Exploits0References2
kitploit
kitploit
added 2024/04/26 12:30 p.m.74 views

CSAF - Cyber Security Awareness Framework

The Cyber Security Awareness Framework CSAF is a structured approach aimed at enhancing Cybersecurity" title="Cybersecurity"cybersecurity awareness and understanding among individuals, organizations, and communities. It provides guidance for the development of effective Cybersecurity"...

7.5AI score
Exploits0References1
kitploit
kitploit
added 2024/03/04 11:30 a.m.74 views

BloodHound - Six Degrees Of Domain Admin

BloodHound is a monolithic web application composed of an embedded React frontend with Sigma.js and a Go based REST API backend. It is deployed with a Postgresql application database and a Neo4j graph database, and is fed by the SharpHound and AzureHound data collectors. BloodHound uses graph...

7.4AI score
Exploits0References9
kitploit
kitploit
added 2023/08/18 12:30 p.m.74 views

Bryobio - NETWORK Pcap File Analysis

NETWORK Pcap File Analysis, It was developed to speed up the processes of SOC Analysts during analysis Tested OK Debian OK Ubuntu Requirements $ pip install pyshark $ pip install dpkt $ Wireshark $ Tshark $ Mergecap $ Ngrep 𝗜𝗡𝗦𝗧𝗔𝗟𝗟𝗔𝗧𝗜𝗢𝗡 𝗜𝗡𝗦𝗧𝗥𝗨𝗖𝗧𝗜𝗢𝗡𝗦 $ https://github.com/emrekybs/Bryobio.git $ cd...

7.3AI score
Exploits0References3
kitploit
kitploit
added 2023/06/21 12:30 p.m.74 views

Scanner-and-Patcher - A Web Vulnerability Scanner And Patcher

This tools is very helpful for finding vulnerabilities present in the Web Applications. A web application scanner explores a web application by crawling through its web pages and examines it for security vulnerabilities, which involves generation of malicious inputs and evaluation of application'...

8AI score
Exploits0References8
kitploit
kitploit
added 2021/06/13 12:30 p.m.74 views

pyWhat - Identify Anything. Easily Lets You Identify Emails, IP Addresses, And More...

The easiest way to identify anything pip3 install pywhat && pywhat --help What is this? Imagine this: You come across some mysterious text 5f4dcc3b5aa765d61d8327deb882cf99 and you wonder what it is. What do you do? Well, with what all you have to do is ask what "5f4dcc3b5aa765d61d8327deb882cf99"...

7AI score
Exploits0References2
kitploit
kitploit
added 2021/03/17 8:30 p.m.74 views

Turbo-Intruder - A Burp Suite Extension For Sending Large Numbers Of HTTP Requests And Analyzing The Results

Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results. It's intended to complement Burp Intruder by handling attacks that require exceptional speed, duration, or complexity. The following features set it apart: Fast - Turbo Intruder uses a...

7.4AI score
Exploits0References1
kitploit
kitploit
added 2020/12/19 8:30 p.m.74 views

Bheem - Simple Collection Of Small Bash-Scripts Which Runs Iteratively To Carry Out Various Tools And Recon Process

Project Bheem is a simple collection of small bash-scripts which runs iteratively to carry out various tools and recon process & store output in an organized way. This project was created initially for automation of Recon for personal usage and was never meant to be public as there is nothing fan...

7.4AI score
Exploits0References1
kitploit
kitploit
added 2020/11/24 11:30 a.m.74 views

Xerror - Fully Automated Pentesting Tool

Xerror is an automated penetration tool , which will helps security professionals and non professionals to automate their pentesting tasks. Xerror will perform all tests and, at the end generate two reports for executives and analysts. Xerror provides GUI easy to use menu driven options.Iinternal...

7.5AI score
Exploits0References1
kitploit
kitploit
added 2020/11/23 11:30 a.m.74 views

Osi.Ig - Information Gathering Instagram

The Instagram OSINT Tool gets a range of information from an Instagram account that you normally wouldn't be able to get from just looking at their profile The information includes: profile : user id, followers / following, number of uploads, profile img URL, business enum, external URL, joined...

7AI score
Exploits0References1
kitploit
kitploit
added 2020/08/31 9:30 p.m.74 views

DVS - D(COM) V(ulnerability) S(canner) AKA Devious Swiss Army Knife

Did you ever wonder how you can move laterally through internal networks? or interact with remote machines without alerting EDRs? Let's assume that we have a valid credentials, or an active session with access to a remote machine, but we are without an option for executing a process remotely in a...

7.9AI score
Exploits0References2
kitploit
kitploit
added 2020/05/28 9:30 p.m.74 views

MemoryMapper - Lightweight Library Which Allows The Ability To Map Both Native And Managed Assemblies Into Memory

Memory Mapper is a lightweight library which allows the ability to map both native and managed assemblies into memory by either using process injection of a process specified by the user or self-injection; the technique of injecting an assembly into the currently running process attempting to do...

8AI score
Exploits0References2
kitploit
kitploit
added 2020/05/13 12:33 a.m.74 views

Kali Linux 2020.2 Release - Penetration Testing and Ethical Hacking Linux Distribution

We are incredibly excited to announce the second release of 2020, Kali Linux 2020.1.2 A quick overview of what’s new since January: KDE Plasma Makeover & Login PowerShell by Default. Kind of. Kali on ARM Improvements Lessons From The Installer Changes New Key Packages & Icons Behind the Scenes,...

7.4AI score
Exploits0References2
kitploit
kitploit
added 2019/10/27 8:55 p.m.74 views

Tor Browser v9.0 - Everything you Need to Safely Browse the Internet

Tor Browser 9.0 is the first stable release based on Firefox 68 ESR and contains a number of updates to other components as well including Tor to 0.4.1.6 and OpenSSL to 1.1.1d for desktop versions and Tor to 0.4.1.5 for Android. In addition to all the needed patch rebasing and toolchain updates, ...

7AI score
Exploits0
kitploit
kitploit
added 2018/05/08 12:23 p.m.74 views

Zoom - Automatic & Lightning Fast Wordpress Vulnerability Scanner

Zoom is a lightning fast wordpress vulnerability scanner equipped with subdomain & infinite username enumeration.. It doesn't support plugin & theme enumeration at the moment. What's infinite enumeration? Try enumerating usernames of cybrary.com with Zoom & wpscan or your fav tool. Twitter:...

7.4AI score
Exploits0References1
kitploit
kitploit
added 2014/05/26 2:35 a.m.74 views

MagicTree - Penetration Tester Productivity Tool

Have you ever spent ages trying to find the results of a particular portscan you were sure you did? Or grepping through a bunch of files looking for data for a particular host or service? Or copy-pasting bits of output from a bunch of typescripts into a report? We certainly did, and that's why we...

7.9AI score
Exploits0
Total number of security vulnerabilities5000