Lucene search
+L
KitploitMost viewed

6011 matches found

kitploit
kitploit
added 2020/10/04 11:30 a.m.71 views

AdvPhishing - This Is Advance Phishing Tool! OTP PHISHING

This Is Advance Phishing Tool! OTP PHISHING SPECIAL OTP BYPASS VIDEO WORKED Social Media Hack | Link ---|--- Installation Termux | https://www.youtube.com/watch?v=LO3hX1lLBjI Whatsapp OTP | https://www.youtube.com/watch?v=pyB63ym3QYs Google OTP | https://www.youtube.com/watch?v=MhSb4My1lZo Paytm...

7.2AI score
Exploits0References2
kitploit
kitploit
added 2020/09/06 8:30 p.m.71 views

Autovpn - Create On Demand Disposable OpenVPN Endpoints On AWS

Script that allows the easy creation of OpenVPN endpoints in any AWS region. To create a VPN endpoint is done with a single command takes 3 minutes. It will create the proper security groups. It spins up a tagged ec2 instance and configures OpenVPN software. Once instance is configured an OpenVPN...

7.4AI score
Exploits0References1
kitploit
kitploit
added 2020/08/01 12:30 p.m.71 views

Cloudsplaining - An AWS IAM Security Assessment Tool That Identifies Violations Of Least Privilege And Generates A Risk-Prioritized Report

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report. Example report Documentation For full documentation, please visit the project on ReadTheDocs. Installation Cheat sheet Example report Overview...

7.5AI score
Exploits0References10
kitploit
kitploit
added 2020/05/02 9:30 p.m.71 views

Klar - Integration Of Clair And Docker Registry

Integration of Clair and Docker Registry supports both Clair API v1 and v3 Klar is a simple tool to analyze images stored in a private or public Docker registry for security vulnerabilities using Clair https://github.com/coreos/clair. Klar is designed to be used as an integration tool so it relie...

7.4AI score
Exploits0References3
kitploit
kitploit
added 2020/04/24 9:30 p.m.71 views

Should-I-Trust - OSINT Tool To Evaluate The Trustworthiness Of A Company

should-i-trust is a tool to evaluate OSINT signals for a domain. Requirements should-i-trust requires API keys from the following sources: Censys.io - Free for for first 250/quries/month VirusTotal - Free GrayHatWarFare - Free with limited results Use Case You're part of a review board that's...

7.2AI score
Exploits0References1
kitploit
kitploit
added 2020/01/30 9:0 p.m.71 views

S3Enum - Fast Amazon S3 Bucket Enumeration Tool For Pentesters

s3enum is a tool to enumerate a target's Amazon S3 buckets. It is fast and leverages DNS instead of HTTP, which means that requests don't hit AWS directly. It was originally built back in 2016 to target GitHub. Installation Binaries Find the binaries on the Releases page. Go go get...

7.1AI score
Exploits0References5
kitploit
kitploit
added 2019/03/21 12:11 p.m.71 views

RapidRepoPull - Tool To Quickly Pull And Install Repos From A List

Description This program uses Python to clone/maintain multiple security related repos using threading and multiprocessing Goal The goal of this program is to quickly pull and install repos from its list Use cases Quickly install your favorite Security repos on a new system Kick off multiple...

7.5AI score
Exploits0References1
kitploit
kitploit
added 2018/10/10 9:12 p.m.71 views

DigiDuck Framework - Framework For Digiduck Development Boards Running ATTiny85 Processors And Micronucleus Bootloader

Framework for Digiduck Development Boards running ATTiny85 processors and micronucleus bootloader! Roadmap: Plan to implement a command for Duckyspark translation within the framework. Requirements: - ATTiny85 or other compatible "Digispark" Development Boards - DigiSpark Drivers If you can use...

7.3AI score
Exploits0References5
kitploit
kitploit
added 2018/05/28 2:0 p.m.71 views

GyoiThon - A Growing Penetration Test Tool Using Machine Learning

GyoiThon is a growing penetration test tool using Machine Learning. GyoiThon identifies the software installed on web server OS, Middleware, Framework, CMS, etc... based on the learning data. After that, it executes valid exploits for the identified software using Metasploit. Finally, it generate...

7.8AI score
Exploits0References6
kitploit
kitploit
added 2017/03/10 2:30 p.m.71 views

filtron - Filtering reverse HTTP proxy

Reverse HTTP proxy to filter requests by different rules. Can be used between production webserver and the application server to prevent abuse of the application backend. The original purpose of this program was to defend searx , but it can be used to guard any web application. Installation and...

7.3AI score
Exploits0References3
kitploit
kitploit
added 2016/07/31 3:30 p.m.71 views

Xerosploit - Efficient And Advanced Man In The Middle Framework

Xerosploit is a penetration testing toolkit whose goal is to perform man in the middle attacks for testing purposes. It brings various modules that allow to realise efficient attacks, and also allows to carry out denial of service attacks and port scanning. Powered by bettercap and nmap...

7.7AI score
Exploits0References1
kitploit
kitploit
added 2015/06/04 10:59 p.m.71 views

I2P - The Invisible Internet Project

I2P is an anonymous network, exposing a simple layer that applications can use to anonymously and securely send messages to each other. The network itself is strictly message based a la IP, but there is a library available to allow reliable streaming communication on top of it a la TCP. All...

7.4AI score
Exploits0
kitploit
kitploit
added 2015/02/03 8:58 p.m.71 views

AppCrashView - View Application Crashes (.wer files)

AppCrashView is a small utility for Windows Vista and Windows 7 that displays the details of all application crashes occurred in your system. The crashes information is extracted from the .wer files created by the Windows Error Reporting WER component of the operating system every time that a cra...

6.7AI score
Exploits0
kitploit
kitploit
added 2015/01/20 2:1 p.m.71 views

ProGuard - Java class file Shrinker, Optimizer, Obfuscator and Preverifier

ProGuard is a free Java class file shrinker, optimizer, obfuscator, and preverifier. It detects and removes unused classes, fields, methods, and attributes. It optimizes bytecode and removes unused instructions. It renames the remaining classes, fields, and methods using short meaningless names...

7.2AI score
Exploits0
kitploit
kitploit
added 2024/05/15 12:30 p.m.70 views

Subhunter - A Fast Subdomain Takeover Tool

Subdomain takeover is a common vulnerability that allows an attacker to gain control over a subdomain of a target domain and redirect users intended for an organization's domain to a website that performs malicious activities, such as phishing campaigns, stealing user cookies, etc. It occurs when...

7.3AI score
Exploits0References3
kitploit
kitploit
added 2023/10/27 8:0 p.m.70 views

Mailchecker - Cross-language Temporary (Disposable/Throwaway) Email Detection Library. Covers 55 734+ Fake Email Providers

Cross-language email validation. Backed by a database of over 55 000 throwable email domains. Validate the format of your email uses validator.js email regex underneath and FILTERVALIDATEEMAIL for PHP Validate if the email is not a temporary mail yopmail-like..., add your own dataset to list.txt...

7.3AI score
Exploits0References92
kitploit
kitploit
added 2023/09/28 11:30 a.m.70 views

Pinkerton - An JavaScript File Crawler And Secret Finder Developed In Python

️️ Pinkerton is a Python tool created to crawl JavaScript files and search for secrets Installing / Getting started A quick guide of how to install and use Pinkerton. 1. Clone the repository with: git clone https://github.com/oppsec/pinkerton.git 2. Install the libraries with: pip3 install -r...

7.2AI score
Exploits0References4
kitploit
kitploit
added 2022/12/27 11:30 a.m.70 views

Aftermath - A Free macOS IR Framework

Aftermath is a Swift-based, open-source incident response framework. Aftermath can be leveraged by defenders in order to collect and subsequently analyze the data from the compromised host. Aftermath can be deployed from an MDM ideally, but it can also run independently from the infected user's...

7AI score
Exploits0References4
kitploit
kitploit
added 2022/10/06 11:30 a.m.71 views

Arsenal - Recon Tool installer

Arsenal is a Simple shell script Bash used to install the most important tools and requirements for your environment and save time in installing all these tools. Tools in Arsenal Name | description ---|--- Amass | The OWASP Amass Project performs network mapping of attack surfaces and external...

6.6AI score
Exploits0References2
kitploit
kitploit
added 2022/01/27 8:30 p.m.70 views

Gh-Dork - Github Dorking Tool

Supply a list of dorks and, optionally, one of the following: a user -u a file with a list of users -uf an organization -org a file with a list of organizations -of a repo -r You can also pass: an output directory to store results -o a filename to store valid items, if your users or org file may...

7.6AI score
Exploits0References4
kitploit
kitploit
added 2022/01/13 8:30 p.m.70 views

AlphaGolang - IDApython Scripts For Analyzing Golang Binaries

AlphaGolang is a collection of IDAPython scripts to help malware reverse engineers master Go binaries. The idea is to break the scripts into concrete steps, thus avoiding brittle monolithic scripts, and mimicking the methodology an analyst might follow when tackling a Go binary. Scripts are...

7AI score
Exploits0References8
kitploit
kitploit
added 2021/10/04 8:30 p.m.70 views

BurpCrypto - A Collection Of Burpsuite Encryption Plug-Ins, Support AES/RSA/DES/ExecJs(execute JS Encryption Code In Burpsuite)

Burpcrypto is a collection of burpsuite encryption plug-ins, supporting AES/RSA/DES/ExecJsexecute JS encryption code in burpsuite. Build $ mvn package Usage 中文使用说明 Download the precompiled jar package from Releases. Add this jar package to your burpsuite's Extensions. Switch to BurpCrypto tab,...

7.3AI score
Exploits0References2
kitploit
kitploit
added 2021/06/25 9:30 p.m.70 views

BlobHunter - Find Exposed Data In Azure With This Public Blob Scanner

An opensource tool for scanning Azure blob storage accounts for publicly opened blobs. BlobHunter is a part of "Hunting Azure Blobs Exposes Millions of Sensitive Files" research: https://www.cyberark.com/resources/threat-research-blog/hunting-azure-blobs-exposes-millions-of-sensitive-files Overvi...

7AI score
Exploits0References3
kitploit
kitploit
added 2021/06/24 9:30 p.m.70 views

Fully-Homomorphic-Encryption - Libraries And Tools To Perform Fully Homomorphic Encryption Operations On An Encrypted Data Set

This repository contains open-source libraries and tools to perform fully homomorphic encryption FHE operations on an encrypted data set. About Fully Homomorphic Encryption Fully Homomorphic Encryption FHE is an emerging data processing paradigm that allows developers to perform transformations o...

6.9AI score
Exploits0References9
kitploit
kitploit
added 2021/04/11 12:30 p.m.70 views

AzureC2Relay - An Azure Function That Validates And Relays Cobalt Strike Beacon Traffic By Verifying The Incoming Requests Based On A Cobalt Strike Malleable C2 Profile

AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on a Cobalt Strike Malleable C2 profile. Any incoming requests that do not share the profiles user-agent, URI paths, headers, and query parameters, will be redirected ...

7.1AI score
Exploits0References1
kitploit
kitploit
added 2020/11/28 11:30 a.m.70 views

Tracee - Container And System Event Tracing Using eBPF

Tracee is a lightweight and easy to use container and system tracing tool. It allows you to observe system calls and other system events in real-time. A unique feature of Tracee is that it will only trace newly created processes and containers that were started after Tracee has started, in order ...

6.8AI score
Exploits0References4
kitploit
kitploit
added 2020/07/13 9:30 p.m.70 views

DroneSploit - Drone Pentesting Framework Console

This CLI framework is based on sploitkit and is an attempt to gather hacking techniques and exploits especially focused on drone hacking. For the ease of use, the interface has a layout that looks like Metasploit. Black Hat Europe Arsenal 2019 presentation Also see articles: Black Hat Europe: New...

7.5AI score
Exploits0References3
kitploit
kitploit
added 2020/06/09 12:30 p.m.70 views

URLCrazy - Generate And Test Domain Typos And Variations To Detect And Perform Typo Squatting, URL Hijacking, Phishing, And Corporate Espionage

URLCrazy is an OSINT tool to generate and test domain typos or variations to detect or perform typo squatting, URL hijacking, phishing, and corporate espionage. Homepage: https://www.morningstarsecurity.com/research/urlcrazy Use Cases Detect typo squatters profiting from typos on your domain name...

7.1AI score
Exploits0References5
kitploit
kitploit
added 2020/02/28 12:0 p.m.70 views

Mouse Framework - An iOS And macOS Post Exploitation Surveillance Framework That Gives You A Command Line Session With Extra Functionality Between You And A Target Machine Using Only A Simple Mouse Payload

About Mouse Framework Mouse Framework is an iOS and macOS post exploitation surveillance framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse Payload. Mouse gives you the power and convenience of uploading and...

8AI score
Exploits0References1
kitploit
kitploit
added 2018/09/12 12:48 p.m.70 views

Ettercap - A Comprehensive Suite For Man In The Middle Attacks

Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis. ETTERCAP...

7.3AI score
Exploits0
kitploit
kitploit
added 2018/03/18 12:39 p.m.70 views

StaCoAn - Crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications

StaCoAn is a crossplatform tool which aids developers, bugbounty hunters and ethical hackers performing static code analysis on mobile applications. This tool will look for interesting lines in the code which can contain: Hardcoded credentials API keys URL's of API's Decryption keys Major coding...

7.3AI score
Exploits0References3
kitploit
kitploit
added 2017/10/20 9:26 p.m.70 views

Seccubus - Easy Automated Vulnerability Scanning, Reporting And Analysis

Seccubus automates regular vulnerability scans with various tools and aids security people in the fast analysis of its output, both on the first scan and on repeated scans. On repeated scan delta reporting ensures that findings only need to be judged when they first appear in the scan results or...

7.3AI score
Exploits0References1
kitploit
kitploit
added 2017/08/26 10:26 p.m.70 views

AVPASS - Tool For Leaking And Bypassing Android Malware Detection System

AVPASS is a tool for leaking the detection model of Android malware detection systems i.e., antivirus software, and bypassing their detection logics by using the leaked information coupled with APK obfuscation techniques. AVPASS is not limited to detection features used by detection systems, and...

7AI score
Exploits0References2
kitploit
kitploit
added 2016/03/28 10:30 p.m.70 views

Meld - Visual Diff And Merge Tool Targeted At Developers

Meld is a visual diff and merge tool targeted at developers. Meld helps you compare files, directories, and version controlled projects. It provides two- and three-way comparison of both files and directories, and has support for many popular version control systems. Meld helps you review code...

7.4AI score
Exploits0
kitploit
kitploit
added 2015/05/14 12:12 a.m.70 views

Custom-SSH-Backdoor - SSH Backdoor using Paramiko

Custom ssh backdoor, coded in python using Paramiko. Paramiko is a Python 2.6+, 3.3+ implementation of the SSHv2 protocol, providing both client and server functionality. While it leverages a Python C extension for low level cryptography PyCrypto, Paramiko itself is a pure Python interface around...

7.3AI score
Exploits0References1
kitploit
kitploit
added 2014/01/20 11:40 p.m.70 views

[ZynOS-Attacker] (TP-LINK TD-W8951ND Router) Tool for automated attack on a range of IP

With these scripts you can attack ZynOS routers and modify/extract anything you want on the target router from extracting ISP username and password to injecting rogue DNS servers IPs. Download ZynOS-Attacker...

7.4AI score
Exploits0References1
kitploit
kitploit
added 2013/09/13 2:12 p.m.70 views

[SecureCheq v1.0] The Security Configuration Management made easy!

SecureCheq is a fast, simple utility for Windows servers and desktops that answers these questions while it tests for common configuration risks. This free utility: Tests for a subset of typical and often dangerous Windows configuration errors Provides detailed remediation and repair advice Tests...

7AI score
Exploits0
kitploit
kitploit
added 2024/04/09 12:30 p.m.69 views

Sicat - The Useful Exploit Finder

Introduction SiCat is an advanced exploit search tool designed to identify and gather information about exploits from both open sources and local repositories effectively. With a focus on cybersecurity, SiCat allows users to quickly search online, finding potential vulnerabilities and relevant...

7.4AI score
Exploits0References2
kitploit
kitploit
added 2022/09/06 12:30 p.m.69 views

noPac - Exploiting CVE-2021-42278 And CVE-2021-42287 To Impersonate DA From Standard Domain User

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-2021-42278 + CVE-2021-42287 chain positional arguments: domain/username:password Account used to authenticate to DC. optional arguments: -h, --help show thi...

7.5CVSS8.8AI score0.74265EPSS
Exploits10References2
kitploit
kitploit
added 2021/09/04 9:30 p.m.69 views

Bugs-feed - A Local Hosted Portal Where You Can Search For The Latest News, Videos, CVEs, Vulnerabilities...

Bug's feed is a local hosted portal where you can search for the latest news, videos, CVEs, vulnerabilities... It's implemented as a PWA application so you can get rid of the explorer and use it as a desktop application. Navigate through different tabs and take a look to the latest bugs or search...

7.1AI score
Exploits0References4
kitploit
kitploit
added 2021/08/13 9:30 p.m.69 views

Nimplant - A Cross-Platform Implant Written In Nim

Nimplant is a cross-platform Linux & Windows implant written in Nim as a fun project to learn about Nim and see what it can bring to the table for red team tool development. Currently, Nimplant lacks extensive evasive tradecraft; however, overtime Nimplant will become much more sophisticated...

7.8AI score
Exploits0References3
kitploit
kitploit
added 2021/02/07 8:30 p.m.69 views

COM-Code-Helper - Two IDAPython Scripts Help You To Reconstruct Microsoft COM (Component Object Model) Code

Two IDAPython Scripts help you to reconstruct Microsoft COM Component Object Model Code Especially malware reversers will find this useful, as COM Code is still regularly found in malware. ClassAndInterfaceToNames.py This IDAPython script scans an idb file for class and interfaces UUIDs and creat...

7.6AI score
Exploits0References1
kitploit
kitploit
added 2021/02/01 8:30 p.m.70 views

Flawfinder - A Static Analysis Tool For Finding Vulnerabilities In C/C++ Source Code

This is "flawfinder" by David A. Wheeler. Flawfinder is a simple program that scans C/C++ source code and reports potential security flaws. It can be a useful tool for examining software for vulnerabilities, and it can also serve as a simple introduction to static source code analysis tools more...

7.1AI score
Exploits0References3
kitploit
kitploit
added 2020/11/15 11:30 a.m.69 views

FinalRecon v1.1.0 - The Last Web Recon Tool You'll Need

FinalRecon is an automatic web reconnaissance tool written in python. Goal of FinalRecon is to provide an overview of the target in a short amount of time while maintaining the accuracy of results. Instead of executing several tools one after another it can provide similar results keeping...

7AI score
Exploits0References1
kitploit
kitploit
added 2020/07/18 10:0 p.m.69 views

Docker for Pentest - Image With The More Used Tools To Create A Pentest Environment Easily And Quickly

Docker for pentest is an image with the more used tools to create an pentest environment easily and quickly. Features OS, networking, developing and pentesting tools installed. Connection to HTB Hack the Box vpn to access HTB machines. Popular wordlists installed: SecLists, dirb, dirbuster, fuzzd...

7.2AI score
Exploits0References87
kitploit
kitploit
added 2020/06/16 9:30 p.m.69 views

SecretFinder - A Python Script For Find Sensitive Data (Apikeys, Accesstoken, JWT...) And Search Anything On Javascript Files

SecretFinder is a python script based on LinkFinder, written to discover sensitive data like apikeys, accesstoken, authorizations, jwt,..etc in JavaScript files. It does so by using jsbeautifier for python in combination with a fairly large regular expression. The regular expressions consists of...

6.9AI score
Exploits0References2
kitploit
kitploit
added 2020/06/07 12:30 p.m.69 views

Words Scraper - Selenium Based Web Scraper To Generate Passwords List

Selenium based web scraper to generate passwords list. Installation Download Firefox webdriver from https://github.com/mozilla/geckodriver/releases $ tar xzf geckodriver-vVERSION-HERE.tar.gz $ sudo mv geckodriver /usr/local/bin Make sure it is in your PATH $ geckodriver --version Make sure...

7.3AI score
Exploits0References2
kitploit
kitploit
added 2020/06/01 9:30 p.m.69 views

Forerunner - Fast And Extensible Network Scanning Library Featuring Multithreading, Ping Probing, And Scan Fetchers

The Forerunner library is a fast, lightweight, and extensible networking library created to aid in the development of robust network centric applications such as: IP Scanners, Port Knockers, Clients, Servers, etc. In it's current state, the Forerunner library is able to both synchronously and...

6.6AI score
Exploits0References1
kitploit
kitploit
added 2020/05/17 1:0 p.m.69 views

ParamKit - A Small Library Helping To Parse Commandline Parameters

A small library helping to parse commandline parameters for Windows. Objectives "like Python's argparse but for C/C++" compact and minimalistic easy to use extendable Demo Print help for each parameter: Easily store values of popular types, and verify if all required parameters are filled: Verify...

7.5AI score
Exploits0References2
kitploit
kitploit
added 2020/05/11 12:30 p.m.69 views

Catchyou - FUD Win32 Msfvenom Payload Generator

Fully Undetectable Win32 MSFVenom Payload Generator meterpreter/shell reverse tcp Author: github.com/thelinuxchoice/catchyou Twitter: twitter.com/linuxchoice Please, don't upload to VirusTotal! Usehttps://antiscan.me Features: Fully Undetectable Win32 MSFVenom Payload meterpreter/shell reverse tc...

7.3AI score
Exploits0References1
Total number of security vulnerabilities5000