Lucene search
+L
KitploitMost viewed

6011 matches found

kitploit
kitploit
added 2015/01/31 3:31 p.m.65 views

JADX - Java source code from Android Dex and Apk files

Command line and GUI tools for produce Java source code from Android Dex and Apk files. Usage jadx-gui options .dex, .apk, .jar or .class options: -d, --output-dir - output directory -j, --threads-count - processing threads count -f, --fallback - make simple dump using goto instead of 'if', 'for'...

7.6AI score
Exploits0References1
kitploit
kitploit
added 2014/02/27 9:7 p.m.65 views

[Maltrieve] A tool to retrieve malware directly from the source for security researchers

Maltrieve originated as a fork of mwcrawler. It retrieves malware directly from the sources as listed at a number of sites, including: Malc0de Malware Black List Malware Domain List Malware Patrol Sacour.cn VX Vault URLqery CleanMX These lists will be implemented if/when they return to activity...

7.2AI score
Exploits0References3
kitploit
kitploit
added 2013/04/02 11:13 p.m.65 views

[Acunetix Web Vulnerability Scanner 8] Automated Web Application Security Testing Tool

Acunetix W eb V ulnerability S canner WVS is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive...

7.3AI score
Exploits0
kitploit
kitploit
added 2012/12/24 2:1 p.m.65 views

[DNSwalk] Running on BackTrack 5 R3

Dnswalk is a DNS debugger. It performs zone transfers of specifieddomains, and checks the database in numerous ways for internalconsistency, as well as accuracy. dnswalk is not for the faint of heart. It should NOT be used without a firm knowledge of the DNS RFC's. The warnings and errors must be...

6.7AI score
Exploits0
kitploit
kitploit
added 2025/05/06 12:30 p.m.64 views

Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients

A Model Context Protocol MCP server implementation that integrates with Firecrawl for web scraping capabilities. Big thanks to @vrknetha, @cawstudios for the initial implementation! You can also play around with our MCP Server on MCP.so's playground. Thanks to MCP.so for hosting and @gstarwd for...

7.2AI score
Exploits0References5
kitploit
kitploit
added 2024/06/16 5:16 p.m.64 views

NativeDump - Dump Lsass Using Only Native APIs By Hand-Crafting Minidump Files (Without MinidumpWriteDump!)

NativeDump allows to dump the lsass process using only NTAPIs generating a Minidump file with only the streams needed to be parsed by tools like Mimikatz or Pypykatz SystemInfo, ModuleList and Memory64List Streams. NTOpenProcessToken and NtAdjustPrivilegeToken to get the "SeDebugPrivilege"...

7.3AI score
Exploits0References5
kitploit
kitploit
added 2024/06/01 12:30 p.m.64 views

Reaper - Proof Of Concept On BYOVD Attack

Reaper is a proof-of-concept designed to exploit BYOVD Bring Your Own Vulnerable Driver driver vulnerability. This malicious technique involves inserting a legitimate, vulnerable driver into a target system, which allows attackers to exploit the driver to perform malicious actions. Reaper was...

7.5AI score
Exploits0References2
kitploit
kitploit
added 2023/12/17 11:30 a.m.64 views

NetworkSherlock - Powerful And Flexible Port Scanning Tool With Shodan

NetworkSherlock is a powerful and flexible port scanning tool designed for network security professionals and penetration testers. With its advanced capabilities, NetworkSherlock can efficiently scan IP ranges, CIDR blocks, and multiple targets. It stands out with its detailed banner grabbing...

7.1AI score
Exploits0References1
kitploit
kitploit
added 2023/10/05 11:30 a.m.64 views

Dissect - Digital Forensics, Incident Response Framework And Toolset That Allows You To Quickly Access And Analyse Forensic Artefacts From Various Disk And File Formats

Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT part of NCC Group. This project is a meta package, it will install all other Dissect modules with the...

7.3AI score
Exploits0References26
kitploit
kitploit
added 2022/12/16 11:30 a.m.64 views

AzureHound - Azure Data Exporter For BloodHound

The BloodHound data collector for Microsoft Azure Get AzureHound Release Binaries Download the appropriate binary for your platform from one of our Releases. Rolling Release The rolling release contains pre-built binaries that are automatically kept up-to-date with the main branch and can be...

7.2AI score
Exploits0References3
kitploit
kitploit
added 2022/09/16 11:30 a.m.64 views

XLL_Phishing - XLL Phishing Tradecraft

With Microsoft's recent announcement regarding the blocking of macros in documents originating from the internet email AND web download, attackers have began aggressively exploring other options to achieve user driven access UDA. There are several considerations to be weighed and balanced when...

7.8AI score
Exploits0References5
kitploit
kitploit
added 2021/11/04 11:30 a.m.64 views

LDAPmonitor - Monitor Creation, Deletion And Changes To LDAP Objects Live During Your Pentest Or System Administration!

Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration! With this tool you can quickly see if your attack worked and if it changed LDAP attributes of the target object. Features Feature | Python .py | CSharp .exe | Powershell .ps1 ---|---|---|---...

7.5AI score
Exploits0References4
kitploit
kitploit
added 2021/10/18 8:30 p.m.64 views

Inceptor - Template-Driven AV/EDR Evasion Framework

Modern Penetration testing and Red Teaming often requires to bypass common AV/EDR appliances in order to execute code on a target. With time, defenses are becoming more complex and inherently more difficult to bypass consistently. Inceptor is a tool which can help to automate great part of this...

8.1AI score
Exploits0References16
kitploit
kitploit
added 2021/04/12 9:30 p.m.64 views

Dwn - D(Ockerp)Wn - A Docker Pwn Tool Manager

dwn is a "docker-compose for hackers". Using a simple YAML "plan" format similar to docker-compose, image names, versions and volume / port mappings are defined to setup a tool for use. features With dwn you can: Configure common pentest tools for use in a docker container Have context aware volu...

7.1AI score
Exploits0References3
kitploit
kitploit
added 2021/04/02 11:30 a.m.64 views

SecretScanner - Find Secrets And Passwords In Container Images And File Systems

Deepfence SecretScanner can find any potential secrets in container images or file systems. What are Secrets? Secrets are any kind of sensitive or private data which gives authorized users permission to access critical IT infrastructure such as accounts, devices, network, cloud based services,...

7.1AI score
Exploits0References3
kitploit
kitploit
added 2021/03/27 11:30 a.m.64 views

Obfuscation_Detection - Collection Of Scripts To Pinpoint Obfuscated Code

Automatically detect control-flow flattening and other state machines Author: Tim Blazytko Description: Scripts and binaries to automatically detect control-flow flattening and other state machines in binaries. Implementation is based on Binary Ninja. Check out the following blog post for more...

7.6AI score
Exploits0References1
kitploit
kitploit
added 2021/01/02 11:30 a.m.64 views

HyperDbg - The Source Code Of HyperDbg Debugger

HyperDbg is designed with a focus on using modern hardware technologies to provide new features to the reverse engineering world. It operates on top of Windows by virtualizing an already running system using Intel VT-x and Intel PT. This debugger aims not to use any APIs and software debugging...

6.8AI score
Exploits0References2
kitploit
kitploit
added 2020/10/09 11:30 a.m.64 views

SwiftBelt - A macOS Enumeration Tool Inspired By Harmjoy'S Windows-based Seatbelt Enumeration Tool

SwiftBelt is a macOS enumerator inspired by @harmjoy's Windows-based Seatbelt enumeration tool. SwiftBelt does not utilize any command line utilities and instead uses Swift code leveraging the Cocoa Framework, Foundation libraries, OSAKit libraries, etc. to perform system enumeration. This can be...

7.3AI score
Exploits0References1
kitploit
kitploit
added 2020/10/02 11:30 a.m.64 views

smbAutoRelay - Provides The Automation Of SMB/NTLM Relay Technique For Pentesting And Red Teaming Exercises In Active Directory Environments

SMB AutoRelay provides the automation of SMB/NTLM Relay technique for pentesting and red teaming exercises in active directory environments. Usage Syntax: ./smbAutoRelay.sh -i -t -q -d . Example: ./smbAutoRelay.sh -i eth0 -t ./targets.txt . Notice that the targets file should contain just the IP...

7.2AI score
Exploits0References3
kitploit
kitploit
added 2020/07/28 10:0 p.m.64 views

SNOWCRASH - A Polyglot Payload Generator

A polyglot payload generator Introduction SNOWCRASH creates a script that can be launched on both Linux and Windows machines. Payload selected by the user in this case combined Bash and Powershell code is embedded into a single polyglot template, which is platform-agnostic. There are few payloads...

7.5AI score
Exploits0References1
kitploit
kitploit
added 2020/06/22 12:30 p.m.64 views

Lynis 3.0.0 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

4.2CVSS4.1AI score0.00365EPSS
Exploits0
kitploit
kitploit
added 2020/04/27 12:30 p.m.64 views

Nuclei - Nuclei Is A Fast Tool For Configurable Targeted Scanning Based On Templates Offering Massive Extensibility And Ease Of Use

Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use. Nuclei is used to send requests across targets based on a template leading to zero false positives and providing effective scanning for known paths. Main use cases for nucle...

7.5AI score
Exploits0References10
kitploit
kitploit
added 2020/04/26 1:0 p.m.64 views

S3Reverse - The Format Of Various S3 Buckets Is Convert In One Format

The format of various s3 buckets is convert in one format. for bugbounty and security testing. Install $ go get -u github.com/hahwul/s3reverse Usage Input options Basic Usage 8""""8 eeee 8"""8 8"""" 88 8 8"""" 8"""8 8""""8 8"""" 8 8 8 8 8 88 8 8 8 8 8 8 8eeeee 8 8eee8e 8eeee 88 e8 8eeee 8eee8e...

7.4AI score
Exploits0References1
kitploit
kitploit
added 2020/04/09 12:0 p.m.64 views

Richkit - Domain Enrichment Toolkit

Richkit is a python3 package that provides tools taking a domain name as input, and returns addtional information on that domain. It can be an analysis of the domain itself, looked up from data-bases, retrieved from other services, or some combination thereof. The purpose of richkit is to provide...

6.7AI score
Exploits0References1
kitploit
kitploit
added 2020/02/14 11:30 a.m.64 views

CTFTOOL - Interactive CTF Exploration Tool

An Interactive CTF Exploration Tool This is ctftool, an interactive command line tool to experiment with CTF, a little-known protocol used on Windows to implement Text Services. This might be useful for studying Windows internals, debugging complex issues with Text Input Processors and analyzing...

7.5AI score
Exploits0References4
kitploit
kitploit
added 2020/02/05 11:30 a.m.64 views

Dufflebag - Search Exposed EBS Volumes For Secrets

Dufflebag is a tool that searches through public Elastic Block Storage EBS snapshots for secrets that may have been accidentally left in. You may be surprised by all the passwords and secrets just laying around! The tool is organized as an Elastic Beanstalk "EB", not to be confused with EBS...

7.2AI score
Exploits0References1
kitploit
kitploit
added 2020/01/24 9:0 p.m.64 views

Hershell - Multiplatform Reverse Shell Generator

Simple TCP reverse shell written in Go. It uses TLS to secure the communications, and provide a certificate public key fingerprint pinning feature, preventing from traffic interception. Supported OS are: Windows Linux Mac OS FreeBSD and derivatives Why ? Although meterpreter payloads are great,...

7.6AI score
Exploits0References2
kitploit
kitploit
added 2018/11/28 12:30 p.m.64 views

Miasm - Reverse Engineering Framework In Python

Miasm is a free and open source GPLv2 reverse engineering framework. Miasm aims to analyze / modify / generate binary programs. Here is a non exhaustive list of features: Opening / modifying / generating PE / ELF 32 / 64 LE / BE using Elfesteem Assembling / Disassembling X86 / ARM / MIPS / SH4 /...

7.9AI score
Exploits0References11
kitploit
kitploit
added 2018/11/15 12:47 p.m.64 views

Osmedeus - Automatic Reconnaisance And Scanning In Penetration Testing

Automatic Reconnaisance and Scanning in Penetration Testing What is Osmedeus? Osmedeus allow you to doing boring stuff in Pentesting automatically like reconnaissance and scanning the target by run the collection of awesome tools. Installation git clone https://github.com/j3ssie/Osmedeus cd...

7.2AI score
Exploits0References14
kitploit
kitploit
added 2017/12/16 1:1 p.m.64 views

Hyperfox - HTTP/HTTPs MITM proxy and traffic recorder with on-the-fly TLS cert generation

Hyperfox is a security tool for proxying and recording HTTP and HTTPs communications on a LAN. Hyperfox is capable of forging SSL certificates on the fly if you provide it with a root CA certificate and its corresponding key. If the target machine recognizes the root CA as trusted, then HTTPs...

7.3AI score
Exploits0References3
kitploit
kitploit
added 2017/10/31 9:28 p.m.64 views

TROMMEL - Sift Through Directories of Files to Identify Indicators That May Contain Vulnerabilities

TROMMEL sifts through directories of files to identify indicators that may contain vulnerabilities. TROMMEL identifies the following indicators related to: Secure Shell SSH key files Secure Socket Layer SSL key files Internet Protocol IP addresses Uniform Resource Locator URL email addresses shel...

9AI score
Exploits0References2
kitploit
kitploit
added 2016/11/09 1:49 p.m.64 views

geoip-attack-map - Cyber Security GeoIP Attack Map Visualization

This geoip attack map visualizer was developed to display network attacks on your organization in real time. The data server follows a syslog file, and parses out source IP, destination IP, source port, and destination port. Protocols are determined via common ports, and the visualizations vary i...

7.4AI score
Exploits0References1
kitploit
kitploit
added 2015/12/16 8:14 p.m.64 views

ATSCAN - Server, Site and Dork Scanner

Description: ATSCAN Version 2 Dork scanner. XSS scanner. Sqlmap. LFI scanner. Filter wordpress and Joomla sites in the server. Find Admin page. Decode / Encode MD5 + Base64. Libreries to install: ap-get install libxml-simple-perl NOTE: Works in linux platforms. Permissions & Executution: $chmod +...

6.4AI score
Exploits0References1
kitploit
kitploit
added 2015/12/08 10:26 p.m.64 views

Tor Messenger - Chat over Tor, Easily

Tor Messenger is a cross-platform chat program that aims to be secure by default and sends all of its traffic over Tor. It supports a wide variety of transport networks, including Jabber XMPP , IRC , Google Talk , Facebook Chat , Twitter , Yahoo , and others; enables Off-the-Record OTR Messaging...

7.1AI score
Exploits0References1
kitploit
kitploit
added 2014/08/08 2:37 a.m.64 views

HoneyDrive 3 - The Premier Honeypot Linux Distro

HoneyDrive is the premier honeypot Linux distro. It is a virtual appliance OVA with Xubuntu Desktop 12.04.4 LTS edition installed. It contains over 10 pre-installed and pre-configured honeypot software packages such as Kippo SSH honeypot, Dionaea and Amun malware honeypots, Honeyd low-interaction...

7.4AI score
Exploits0References1
kitploit
kitploit
added 2024/05/25 12:30 p.m.63 views

JA4+ - Suite Of Network Fingerprinting Standards

JA4+ is a suite of network Fingerprinting methods that are easy to use and easy to share. These methods are both human and machine readable to facilitate more effective threat-hunting and analysis. The use-cases for these fingerprints include scanning for threat actors, malware detection, session...

7AI score
Exploits0References17
kitploit
kitploit
added 2024/05/15 1:56 a.m.63 views

Hakuin - A Blazing Fast Blind SQL Injection Optimization And Automation Framework

Hakuin is a Blind SQL Injection BSQLI optimization and automation framework written in Python 3. It abstracts away the inference logic and allows users to easily and efficiently extract databases DB from vulnerable web applications. To speed up the process, Hakuin utilizes a variety of optimizati...

8.2AI score
Exploits0References3
kitploit
kitploit
added 2024/04/18 12:30 p.m.63 views

VectorKernel - PoCs For Kernelmode Rootkit Techniques Research

PoCs for Kernelmode rootkit techniques research or education. Currently focusing on Windows OS. All modules support 64bit OS only. NOTE Some modules use ExAllocatePool2 API to allocate kernel pool memory. ExAllocatePool2 API is not supported in OSes older than Windows 10 Version 2004. If you want...

7.6AI score
Exploits0References13
kitploit
kitploit
added 2023/07/24 12:30 p.m.63 views

CakeFuzzer - Automatically And Continuously Discover Vulnerabilities In Web Applications Created Based On Specific Frameworks

Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based on specific frameworks with very limited false positives. Currently it is implemented to support the Cake PHP framework. If you would like to learn more about t...

9.8CVSS9.9AI score0.02134EPSS
Exploits0References11
kitploit
kitploit
added 2023/03/03 11:30 a.m.63 views

Cortex-XDR-Config-Extractor - Cortex XDR Config Extractor

This tool is meant to be used during Red Team Assessments and to audit the XDR Settings. With this tool its possible to parse the Database Lock Files of the Cortex XDR Agent by Palo Alto Networks and extract Agent Settings, the Hash and Salt of the Uninstall Password, as well as possible...

7AI score
Exploits0References2
kitploit
kitploit
added 2022/12/06 11:30 a.m.63 views

Klyda - Highly Configurable Script For Dictionary/Spray Attacks Against Online Web Applications

The Klyda project has been created to aid in quick credential based attacks against online web applications. Klyda supports the use from simple password sprays, to large multithreaded dictionary attacks. Klyda is a new project, and I am looking for any contributions. Any help is very appreciated...

7.3AI score
Exploits0References2
kitploit
kitploit
added 2022/06/18 9:30 p.m.63 views

Hunt-Sleeping-Beacons - Aims To Identify Sleeping Beacons

The idea of this project is to identify beacons which are unpacked at runtime or running in the context of another process. To do so, I make use of the observation that beacons tend to call Sleep between their callbacks. A call to sleep sets the state of the thread to DelayExecution which is take...

7.5AI score
Exploits0References3
kitploit
kitploit
added 2021/11/05 8:30 p.m.63 views

Tor-Rootkit - A Python 3 Standalone Windows 10 / Linux Rootkit Using Tor

A Python 3 standalone Windows 10 / Linux Rootkit. The networking communication get's established over the tor network. Disclaimer Use for educational purposes only. How to use 1. Clone the repo and change directory: git clone https://github.com/emcruise/TorRootkit.git cd ./tor-rootkit 2. Build...

7.5AI score
Exploits0References1
kitploit
kitploit
added 2021/07/01 12:30 p.m.63 views

OpenAttack - An Open-Source Package For Textual Adversarial Attack

OpenAttack is an open-source Python-based textual adversarial attack toolkit, which handles the whole process of textual adversarial attacking, including preprocessing text, accessing the victim model, generating adversarial examples and evaluation. Features & Uses OpenAttack has following...

7.4AI score
Exploits0References18
kitploit
kitploit
added 2021/04/09 12:30 p.m.63 views

Redcloud - Automated Red Team Infrastructure Deployement Using Docker

Redcloud is a powerful and user-friendly toolbox for deploying a fully featured Red Team Infrastructure using Docker. Harness the cloud's speed for your tools. Deploys in minutes. Use and manage it with its polished web interface. Ideal for your penetration tests, shooting ranges, red teaming and...

7.6AI score
Exploits0References2
kitploit
kitploit
added 2021/02/12 11:30 a.m.63 views

BaphoDashBoard - Dashboard For Manage And Generate The Baphomet Ransomware

With this proyect we will be able to handle the data of the victims we obtain with Baphomet Ransomware. BaphoDashBoard is developed in C under framework dotnet-core 3.1. Both Baphomet Ransomware and BaphoDashBoard proyects are thrown out for educational purposes and so we can get something out of...

7AI score
Exploits0References1
kitploit
kitploit
added 2021/02/11 11:30 a.m.63 views

PatrowlHears - PatrowlHears - Vulnerability Intelligence Center / Exploits

PatrOwl provides scalable, free and open-source solutions for orchestrating Security Operations and providing Threat Intelligence feeds. PatrowlHears is an advanced and real-time Vulnerability Intelligence platform, including CVE, exploits and threats news. Try it now! To try PatrowlHears, instal...

7.5AI score
Exploits0References7
kitploit
kitploit
added 2021/02/04 8:30 p.m.63 views

Satellite - Easy-To-Use Payload Hosting

Satellite is an web payload hosting service which filters requests to ensure the correct target is getting a payload. This can also be a useful service for hosting files that should be only accessed in very specific circumstances. Quickstart Guide 1. Install satellite on Ubuntu using the .deb fil...

7.2AI score
Exploits0References5
kitploit
kitploit
added 2021/01/13 8:30 p.m.63 views

Umbrella_android - Digital And Physical Security Advice App

Umbrella is an Android mobile app developed by Security First that provides human rights defenders with the information on what to do in any given security situation and the tools to do it. It allows the user to choose what they want to do, such as: protect data; securely make a call/email;...

6.4AI score
Exploits0References7
kitploit
kitploit
added 2021/01/10 8:30 p.m.63 views

MUD-Visualizer - A Tool To Visualize MUD Files

This tool can be used to visualize the MUD files in JSON format. Motivation MUD files are plain text files in JSON format that contain ACL rules for a device. A MUD file can contains tens or hundrends of ACL rules which makes it difficult to read and validate the files manually. mud-visualizer wi...

7.4AI score
Exploits0References2
Total number of security vulnerabilities5000