Lucene search
+L
KitploitMost viewed

6011 matches found

kitploit
kitploit
added 2012/11/02 4:33 a.m.53 views

[WebSploit] Framework 2.0.3 with Wifi Jammer

WebSploit Is An Open Source Project For Scan And Analysis Remote System From Vulnerability. WebSploit Is An Open Source Project For : Social Engineering Works Scan,Crawler & Analysis Web Automatic Exploiter Support Network Attacks +Autopwn - Used From Metasploit For Scan and Exploit Target Servic...

6.6AI score
Exploits0
kitploit
kitploit
added 2025/04/20 12:30 p.m.52 views

CentralizedFirewall - Provides A Firewall Manager API Designed To Centralize And Streamline The Management Of Firewall Configurations

Firewall Manager API Project Installation Follow these steps to set up and run the API project: 1. Clone the Repository git clone https://github.com/adriyansyah-mf/CentralizedFirewall cd CentralizedFirewall 2. Edit the .env File Update the environment variables in .env according to your...

7.2AI score
Exploits0References2
kitploit
kitploit
added 2024/05/11 12:30 p.m.52 views

LOLSpoof - An Interactive Shell To Spoof Some LOLBins Command Line

LOLSpoof is a an interactive shell program that automatically spoof the command line arguments of the spawned process. Just call your incriminate-looking command line LOLBin e.g. powershell -w hidden -enc ZwBlAHQALQBwAHIAbwBjAGUA.... and LOLSpoof will ensure that the process creation telemetry...

7.7AI score
Exploits0References1
kitploit
kitploit
added 2023/07/05 12:30 p.m.52 views

BugChecker - SoftICE-like Kernel Debugger For Windows 11

Introduction BugChecker is a SoftICE-like kernel and user debugger for Windows 11 and Windows XP as well: it supports Windows versions from XP to 11, both x86 and x64. BugChecker doesn't require a second machine to be connected to the system being debugged, like in the case of WinDbg and KD. This...

7.2AI score
Exploits0References13
kitploit
kitploit
added 2022/06/10 12:30 p.m.52 views

PacketStreamer - Distributed Tcpdump For Cloud Native Environments

Deepfence PacketStreamer is a high-performance remote packet capture and collection tool. It is used by Deepfence's ThreatStryker security observability platform to gather network traffic on demand from cloud workloads for forensic analysis. Primary design goals: Stay light, capture and stream, n...

7.4AI score
Exploits0References10
kitploit
kitploit
added 2022/03/06 11:30 a.m.52 views

PyShell - Multiplatform Python WebShell

PyShell is Multiplatform Python WebShell. This tool helps you to obtain a shell-like interface on a web server to be remotely accessed. Unlike other webshells, the main goal of the tool is to use as little code as possible on the server side, regardless of the language used or the operating syste...

8.1AI score
Exploits0References2
kitploit
kitploit
added 2022/01/09 8:30 p.m.52 views

Shellcode-Encryptor - A Simple Shell Code Encryptor/Decryptor/Executor To Bypass Anti Virus

A simple shell code encryptor/decryptor/executor to bypass anti virus. Note: I have completely redone the work flow for creating the bypass, I have found injecting the binary into memory using PowerShell as the most effective method. Purpose To generate a .Net binary containing base64 encoded, AE...

7.6AI score
Exploits0References3
kitploit
kitploit
added 2021/11/07 11:30 a.m.52 views

Etl-Parser - Event Trace Log File Parser In Pure Python

Event Trace Log file reader in pure Python etl-parser is a pure Python 3 parser library for ETL Windows log files. ETL is the default format for ETW as well as the default format for the Kernel logger. etl-parser has no system dependencies, and will work well on both Windows and Linux. Since this...

6.8AI score
Exploits0References1
kitploit
kitploit
added 2021/10/31 8:30 p.m.52 views

Web-Hacking-Toolkit - A Multi-Platform Web Hacking Toolkit Docker Image With Graphical User Interface (GUI) Support

A multi-platform web hacking toolkit Docker image with Graphical User Interface GUI support. Installation Docker Pull the image from Docker Hub: docker pull signedsecurity/web-hacking-toolkit Run a container and attach a shell: docker run --rm -it --name web-hacking-toolkit...

7AI score
Exploits0References22
kitploit
kitploit
added 2021/06/07 9:30 p.m.52 views

Totp-Ssh-Fluxer - Take Security By Obscurity To The Next Level (This Is A Bad Idea, Don'T Really Use This Please)

Some people change their SSH port on their servers so that it is slightly harder to find for bots or other nasties, and while that is generally viewed as an action of security through obscurity it does work very well at killing a lot of the automated logins you always see in /var/log/auth.log...

7.6AI score
Exploits0References1
kitploit
kitploit
added 2021/02/15 8:30 p.m.52 views

Gitlab-Watchman - Monitoring GitLab For Sensitive Data Shared Publicly

GitLab Watchman is an application that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally. Features It searches GitLab for internally shared projects and looks at: Code Commits Wiki pages Issues Merge requests Milestones For the following data: GCP keys and...

6.5AI score
Exploits0References5
kitploit
kitploit
added 2020/12/23 11:30 a.m.52 views

Kenzer - Automated Web Assets Enumeration And Scanning

Automated Web Assets Enumeration & Scanning Instructions for running 1. Create an account on Zulip 2. Navigate to Settings Your Bots Add a new bot 3. Create a new generic bot named kenzer 4. Add all the configurations in configs/kenzer.conf 5. Install/Run using - ./install.sh -b if you need...

7.3AI score
Exploits0References1
kitploit
kitploit
added 2020/12/20 8:30 p.m.52 views

Sploit - Go Package That Aids In Binary Analysis And Exploitation

Sploit is a Go package that aids in binary analysis and exploitation. The motivating factor behind the development of sploit is to be able to have a well designed API with functionality that rivals some of the more common Python exploit development frameworks while taking advantage of the Go...

7.7AI score
Exploits0References1
kitploit
kitploit
added 2020/12/01 8:30 p.m.52 views

Terrascan - Detect Compliance And Security Violations Across Infrastructure As Code To Mitigate Risk Before Provisioning Cloud Native Infrastructure

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. GitHub Repo: https://github.com/accurics/terrascan Documentation: https://docs.accurics.com Discuss: https://community.accurics.com Features 500+ Policies for...

7.8AI score
Exploits0References3
kitploit
kitploit
added 2020/11/30 8:30 p.m.52 views

GG-AESY - Hide Cool Stuff In Images

Blogpost: https://redteamer.tips/introducing-gg-aesy-a-stegocryptor/ WARNING: you might need to restore NuGet packages and restart visual studio before compiling. If anyone knows how I can get rid of this problem, DM me. Manual To start off, I highly recommend to always use GG-AESY using verbose...

7.1AI score
Exploits0References1
kitploit
kitploit
added 2020/10/08 8:30 p.m.52 views

C41N - An Automated Rogue Access Point Setup Tool

c41n is an automated Rogue Access Point setup tool. c41n provides automated setup of several types of Rogue Access Points, and Evil Twin attacks. c41n sets up an access point with user defined characteristics interface, name and channel for the access point, sets up DHCP server for the access...

7.4AI score
Exploits0References1
kitploit
kitploit
added 2020/06/27 10:0 p.m.52 views

Espionage - A Network Packet And Traffic Interceptor For Linux. Spoof ARP & Wiretap A Network

Espionage is a network packet sniffer that intercepts large amounts of data being passed through an interface. The tool allows users to to run normal and verbose traffic analysis that shows a live feed of traffic, revealing packet direction, protocols, flags, etc. Espionage can also spoof ARP so,...

7.4AI score
Exploits0References1
kitploit
kitploit
added 2020/04/25 12:30 p.m.52 views

Project iKy v2.5.0 - Tool That Collects Information From An Email And Shows Results In A Nice Visual Interface

Project iKy is a tool that collects information from an email and shows results in a nice visual interface. Visit the Gitlab Page of the Project Installation Clone repository git clone https://gitlab.com/kennbroorg/iKy.git Install Backend Redis You must install Redis wget...

7.4AI score
Exploits0References15
kitploit
kitploit
added 2019/06/11 10:7 p.m.52 views

RapidScan - The Multi-Tool Web Vulnerability Scanner

Evolution: It is quite a fuss for a pentester to perform binge-tool-scanning running security scanning tools one after the other sans automation. Unless you are a pro at automating stuff, it is a herculean task to perform binge-scan for each and every engagement. The ultimate goal of this program...

7.7AI score
Exploits0References2
kitploit
kitploit
added 2018/07/02 1:45 p.m.52 views

EagleEye - Stalk Your Friends. Find Their Instagram, FB And Twitter Profiles Using Image Recognition And Reverse Image Search

Stalk Your Friends. Find Their Instagram, FB And Twitter Profiles Using Image Recognition And Reverse Image Search. This only works if theirFacebook Profile is public What does this do? In simple words you have at least one Image of the Person you are looking for and a clue about its name. You fe...

6.9AI score
Exploits0References3
kitploit
kitploit
added 2018/04/22 1:36 p.m.52 views

Eternal Check - Ip Vulnerability Check To Eternal Blue, Romance, Synergy & Champion

Ip Vulnerability Check To Eternal Blue, Romance, Synergy & Champion: Eternal Check Eternal Check verifies if an ip is vulnerable to the smb vulnerabilities Eternal Blue Eternal Romance Eternal champion Eternal synergy Screenshots Eternal Check Running Video Requirements nmap winbind wine32 wget...

7.2AI score
Exploits0References1
kitploit
kitploit
added 2018/01/11 1:7 p.m.52 views

Recon-ng - Full-Featured Web Reconnaissance Framework

Recon-ng is a full-featured Web Reconnaissance framework written in Python. Complete with independent modules, database interaction, built in convenience functions, interactive help, and command completion, Recon-ng provides a powerful environment in which open source web-based reconnaissance can...

7.5AI score
Exploits0References3
kitploit
kitploit
added 2018/01/04 1:21 p.m.52 views

CMSsc4n v2.0 - Tool to identify if a domain is a CMS such as Wordpress, Moodle, Joomla, Drupal or Prestashop

Tool to identify if a domain has got a CMS and determine his version. At the moment, CMSs supported by CMSsc4n are WordPress, Moodle, Joomla, Drupal and Prestashop. Instalation You can download the latest version of CMSmap by cloning the GitHub repository: git clone...

7.2AI score
Exploits0References1
kitploit
kitploit
added 2017/07/23 9:20 p.m.52 views

ReconDog - An All In One Tool For All Your Basic Information Gathering Needs

Recon Dog is an all in one tool for all your basic information gathering needs. It uses APIs to gather all the information so your identity is not exposed. Downloading and running Recon Dog Enter the following command in the terminal to download it git clone...

7.1AI score
Exploits0References1
kitploit
kitploit
added 2017/06/22 3:31 p.m.52 views

sharkPy - NSA Tool to Dissect, Analyze, and Interact with Network Packet Data using Wireshark and libpcap capabilities

A python module to dissect, analyze, and interact with network packet data as native Python objects using Wireshark and libpcap capabilities. sharkPy dissect modules extend and otherwise modify Wireshark's tshark. SharkPy packet injection and pcap file writing modules wrap useful libpcap...

7.7AI score
Exploits0References2
kitploit
kitploit
added 2017/05/05 2:35 p.m.52 views

Lynis 2.5.0 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

7.8CVSS6AI score0.00426EPSS
Exploits0
kitploit
kitploit
added 2017/03/13 2:30 p.m.52 views

BruteXSS - Tool to find XSS vulnerabilities in web application

BruteXSS is a tool written in python simply to find XSS vulnerabilities in web application. This tool was originally developed by Shawar Khan in CLI. I just redesigned it and made it GUI for more convienience. This tool is developed in Python, so obviously cross platform, you just need Python...

6.5AI score
Exploits0References1
kitploit
kitploit
added 2015/08/05 11:51 p.m.52 views

MPC - Msfvenom Payload Creator

Msfvenom Payload Creator MPC is a wrapper to generate multiple types of payloads, based on users choice. The idea is to be as simple as possible only requiring one input to produce their payload. Fully automating msfvenom & Metasploit is the end goal well as to be be able to automate MPC itself...

7AI score
Exploits0References1
kitploit
kitploit
added 2014/12/27 2:30 p.m.52 views

USBPcap - USB Packet capture for Windows (open-source USB Sniffer for Windows)

USBPcap is an open-source USB sniffer for Windows. USB Packet capture for Windows Tour Download USBPcap...

7.4AI score
Exploits0
kitploit
kitploit
added 2014/08/04 2:39 p.m.52 views

BackdoorFactory - Patch PE (x86/x64) and ELF (x86/x64 and ARM LE x32) binaries with shellcode

Patch win86/64 PE and linux86/64 binaries with shellcode. The goal of The Backdoor Factory is to patch executable binaries with user desired shellcode and continue normal execution of the binary prepatched state. Under a BSD 3 Clause License. This is done by either appending a code cave or using...

7.4AI score
Exploits0References2
kitploit
kitploit
added 2014/06/17 8:43 p.m.52 views

Remote DLL - Simple & Free Tool to Inject or Remove DLL from Remote Process

RemoteDLL is the simple tool to Inject DLL or Remove DLL from Remote Process. It is based on popular Dll Injection technique. It supports following DLL Injection methods CreateRemoteThread NtCreateThread Good for DLL Injection across sessions on Vista/Windows 7 QueueUseAPC Delayed Injection...

7.7AI score
Exploits0
kitploit
kitploit
added 2014/04/22 3:3 p.m.52 views

Shodan Plugin for Chrome

The Shodan plugin tells you where the website is hosted country, city, who owns the IP and what other services/ ports are open. The Shodan plugin for Chrome automatically checks whether Shodan has any information for the current website. Is the website also running FTP, DNS, SSH or some unusual...

6.9AI score
Exploits0
kitploit
kitploit
added 2013/12/27 12:52 a.m.52 views

[BTS PenTesting Lab] A vulnerable web application to learn common vulnerabilities

The most common question from students who is learning website hacking techniques is "how to test my skills legally without getting into troubles?". So, i always suggest them to use some vulnerable web application such as DVWA. However, i felt dvwa is not suitable for new and advanced techniques...

7.9AI score
Exploits0
kitploit
kitploit
added 2013/12/20 5:19 p.m.52 views

[BTCrack v1.1] The worlds first Bluetooth Pass phrase (PIN) Bruteforce Tool

BTCrack is the worlds first Bluetooth Pass phrase PIN bruteforce tool, BTCrack will bruteforce the Passkey and the Link key from captured pairing exchanges. BTcrack was demoed and realeased at Hack.lu 2007 and 23C3 in Berlin, the video of the presentation is available on Google Video . To capture...

7.2AI score
Exploits0
kitploit
kitploit
added 2012/11/10 9:33 p.m.52 views

[PwnPi v2.0] A Pen Test Drop Box distro for the Raspberry Pi

PwnPi is a Linux-based penetration testing dropbox distribution for the Raspberry Pi. It currently has 114 network security tools pre-installed to aid the penetration tester. It is built on the debian squeeze image from the raspberry pi foundation’s website and uses Xfce as the window manager Log...

7.5AI score
Exploits0
kitploit
kitploit
added 2012/11/02 3:25 p.m.52 views

[DEFT 7.2] Computer Forensic live system

DEFT 7.2 released its last 32bit release but we will support bugfix until 2020. DEFT is a new concept of Computer Forensic live system that uses LXDE as desktop environment and thunar file manager and mount manager as tool for device management. It is a very easy to use system that includes an...

7.3AI score
Exploits0
kitploit
kitploit
added 2025/04/21 12:30 p.m.51 views

Bytesrevealer - Online Reverse Enginerring Viewer

Bytes Revealer is a powerful reverse engineering and binary analysis tool designed for security researchers, forensic analysts, and developers. With features like hex view, visual representation, string extraction, entropy calculation, and file signature detection, it helps users uncover hidden...

7.1AI score
Exploits0References3
kitploit
kitploit
added 2024/05/01 12:30 p.m.51 views

OSTE-Web-Log-Analyzer - Automate The Process Of Analyzing Web Server Logs With The Python Web Log Analyzer

Automate the process of analyzing web server logs with the Python Web Log Analyzer. This powerful tool is designed to enhance security by identifying and detecting various types of cyber attacks within your server logs. Stay ahead of potential threats with features that include: Features 1. Attac...

7AI score
Exploits0References1
kitploit
kitploit
added 2024/01/28 11:30 a.m.51 views

Raven - CI/CD Security Analyzer

RAVEN Risk Analysis andVulnerability Enumeration for CI/CD is a powerful security tool designed to perform massive scans for GitHub Actions CI workflows and digest the discovered data into a Neo4j database. Developed and maintained by the Cycode research team. With Raven, we were able to identify...

8AI score
Exploits0References13
kitploit
kitploit
added 2023/12/10 11:30 a.m.51 views

Legba - A Multiprotocol Credentials Bruteforcer / Password Sprayer And Enumerator

Legba is a multiprotocol credentials bruteforcer / password sprayer and enumerator built with Rust and the Tokio asynchronous runtime in order to achieve better performances and stability while consuming less resources than similar tools see the benchmark below. For the building instructions, usa...

8AI score
Exploits0References2
kitploit
kitploit
added 2023/10/11 6:26 p.m.51 views

Spoofy - Program That Checks If A List Of Domains Can Be Spoofed Based On SPF And DMARC Records

Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records. You may be asking, "Why do we need another tool that can check if a domain can be spoofed?" Well, Spoofy is different and here is why: 1. Authoritative lookups on all lookups with known fallback...

7AI score
Exploits0References5
kitploit
kitploit
added 2023/04/26 12:30 p.m.51 views

PortEx - Java Library To Analyse Portable Executable Files With A Special Focus On Malware Analysis And PE Malformation Robustness

PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. Features Reading header information from: MSDOS Header, COFF File Header,...

7.1AI score
Exploits0References5
kitploit
kitploit
added 2023/04/25 12:30 p.m.51 views

Kubei - A Flexible Kubernetes Runtime Scanner

Kubei is a vulnerabilities scanning tool that allows users to get an accurate and immediate risk assessment of their kubernetes clusters. Kubei scans all images that are being used in a Kubernetes cluster, including images of application pods and system pods. It doesn’t scan the entire image...

7.5AI score
Exploits0References1
kitploit
kitploit
added 2023/04/06 12:30 p.m.51 views

Seekr - A Multi-Purpose OSINT Toolkit With A Neat Web-Interface

A multi-purpose toolkit for gathering and managing OSINT-Data with a neat web-interface. Introduction Seekr is a multi-purpose toolkit for gathering and managing OSINT-data with a sleek web interface. The backend is written in Go and offers a wide range of features for data collection,...

6.9AI score
Exploits0References3
kitploit
kitploit
added 2022/11/01 11:30 a.m.51 views

Cicd-Goat - A Deliberately Vulnerable CI/CD Environment

Deliberately vulnerable CI/CD environment. Hack CI/CD pipelines, capture the flags. Created by Cider Security. Description The CI/CD Goat project allows engineers and security practitioners to learn and practice CI/CD security through a set of 10 challenges, enacted against a real, full blown CI/...

7.4AI score
Exploits0References6
kitploit
kitploit
added 2022/10/27 11:30 a.m.51 views

Whids - Open Source EDR For Windows

What EDR with artifact collection driven by detection. The detection engine is built on top of a previous project Gene specially designed to match Windows events against user defined rules. What do you mean by "artifact collection driven by detection" ? It means that an alert can directly trigger...

7.6AI score
Exploits0References15
kitploit
kitploit
added 2022/10/15 11:30 a.m.51 views

GodGenesis - A Python3 Based C2 Server To Make Life Of Red Teamer A Bit Easier. The Payload Is Capable To Bypass All The Known Antiviruses And Endpoints

God Genesis is a C2 server purely coded in Python3 created to help Red Teamers and Penetration Testers. Currently It only supports TCP reverse shell but wait a min, its a FUD and can give u admin shell from any targeted WINDOWS Machine. The List Of Commands It Supports :-...

7.5AI score
Exploits0References2
kitploit
kitploit
added 2022/08/22 12:30 p.m.51 views

RPCMon - RPC Monitor Tool Based On Event Tracing For Windows

A GUI tool for scanning RPC communication through Event Tracing for Windows ETW. The tool was published as part of a research on RPC communication between the host and a Windows container. Overview RPCMon can help researchers to get a high level view over an RPC communication between processes. I...

6.9AI score
Exploits0References4
kitploit
kitploit
added 2022/08/16 12:30 p.m.51 views

VLANPWN - VLAN Attacks Toolkit

VLAN attacks toolkit DoubleTagging.py - This tool is designed to carry out a VLAN Hopping attack. As a result of injection of a frame with two 802.1Q tags, a test ICMP request will also be sent. DTPHijacking.py - A script for conducting a DTP Switch Spoofing/Hijacking attack. Sends a malicious...

7.5AI score
Exploits0References1
kitploit
kitploit
added 2022/06/14 9:30 p.m.51 views

Gshell - A Flexible And Scalable Cross-Plaform Shell Generator Tool

A simple yet flexible cross-platform shell generator tool. Name: GGreat Shell Description: A cross-platform shell generator tool that lets you generate whichever shell you want, in any system you want, giving you full control and automation. If you find this tool helpful, then please give me a...

7.4AI score
Exploits0References1
Total number of security vulnerabilities5000