Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2019/08/29 1:0 p.m.426 views

RedHunt OS v2 - Virtual Machine For Adversary Emulation And Threat Hunting

Virtual Machine for Adversary Emulation and Threat Hunting by RedHunt Labs RedHunt OS aims to be a one stop shop for all your threat emulation and threat hunting needs by integrating attacker's arsenal as well as defender's toolkit to actively identify the threats in your environment. Base Machin...

7.3AI score
Exploits0References14
Kitploit
Kitploit
added 2018/09/25 12:12 p.m.425 views

JoomScan 0.0.7 - OWASP Joomla Vulnerability Scanner Project

OWASP Joomla! Vulnerability Scanner JoomScan is an open source project, developed with the aim of automating the task of vulnerability detection and reliability assurance in Joomla CMS deployments. Implemented in Perl, this tool enables seamless and effortless scanning of Joomla installations,...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2018/01/13 1:34 p.m.424 views

cSploit Android - The most complete and advanced IT security professional toolkit on Android

cSploit is a free/libre and open source GPLed Android network analysis and penetration suite which aims to be the most complete and advanced professional toolkit for IT security experts/geeks to perform network security assessments on a mobile device. See more at www.cSploit.org. Features Map you...

7AI score
Exploits0References5
Kitploit
Kitploit
added 2020/04/03 8:30 p.m.423 views

Tweetshell - Multi-thread Twitter BruteForcer In Shell Script

Tweetshell is an Shell Script to perform multi-threaded brute force attack against Twitter, this script can bypass login limiting and it can test infinite number of passwords with a rate of +400 passwords/min using 20 threads. Legal disclaimer: Usage of TweetShell for attacking targets without...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2019/05/07 9:26 p.m.422 views

BruteDum - Brute Force Attacks SSH, FTP, Telnet, PostgreSQL, RDP, VNC With Hydra, Medusa And Ncrack

BruteDum is a SSH, FTP, Telnet, PostgreSQL, RDP, VNC brute forcing tool with Hydra, Medusa and Ncrack. BruteDum can work with aany Linux distros if they have Python 3. Features of BruteDum SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra recommended SSH, FTP, Telnet, PostgreSQL, RDP, VNC with...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2013/05/02 11:46 p.m.422 views

[DEFT 7] Distribution with the best freeware Windows Computer Forensic tools

DEFT 7 is based on the new Kernel 3 Linux side and the DART Digital Advanced Response Toolkit with the best freeware Windows Computer Forensic tools. It’s a new concept of Computer Forensic system that use LXDE as desktop environment and WINE for execute Windows tools under Linux and mount manage...

7.5AI score
Exploits0
Kitploit
Kitploit
added 2021/03/14 8:30 p.m.421 views

PowerSharpPack - Many usefull offensive CSharp Projects wraped into Powershell for easy usage

Many usefull offensive CSharp Projects wraped into Powershell for easy usage. Why? In my personal opinion offensive Powershell is not dead because of AMSI, Script-block-logging, Constrained Language Mode or other protection features. Any of these mechanisms can be bypassed. Since most new...

7.6AI score
Exploits0References55
Kitploit
Kitploit
added 2017/01/05 7:30 p.m.421 views

Steghide - Brute Force Attack to Find Hide Information and Password in a file

Execute a brute force attack with Steghide to file with hide information and password established. How it work Cloning this repo to your computer and typing in your terminal: git clone https://github.com/Va5c0/Steghide-Brute-Force-Tool.git To launch the script by typing: python stegbrute.py optio...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2019/08/09 12:30 p.m.419 views

SQLMap v1.3.8 - Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...

8.5AI score
Exploits0References20
Kitploit
Kitploit
added 2015/05/23 2:56 p.m.417 views

WakeMeOnLan v1.71 - Turn on computers on your network with Wake-on-LAN packet

This utility allows you to easily turn on one or more computers remotely by sending Wake-on-LAN WOL packet to the remote computers. When your computers are turned on, WakeMeOnLan allows you to scan your network, and collect the MAC addresses of all your computers, and save the computers list into...

6.7AI score
Exploits0
Kitploit
Kitploit
added 2025/05/11 2:40 a.m.416 views

Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool

/\ / | / \ | \ | || | | | | / | /| |/ |/ |/ ,/; ; ; ,'/|; ,/,/, ,'/ |;/,/,/,/| ,/; |;|/,/,/,/,/| ,/'; |;|,/,/,/,/,/| ,/'; |;|/,/,/,/,/,/|, / ; |;|,/,/,/,/,/,/| / ,'; |;|/,/,/,/,/,/,/| /,/'; |;|,/,/,/,/,/,/,/| /;/ '; |;|/,/,/,/,/,/,/,/| ██████╗ ███████╗ ██████╗ █████╗ ███████╗██╗ ██╗███████╗...

7.8AI score
Exploits0References3
Kitploit
Kitploit
added 2019/07/27 10:27 p.m.415 views

Vulnado - Purposely Vulnerable Java Application To Help Lead Secure Coding Workshops

This application and exercises will take you through some of the OWASP top 10 Vulnerabilities and how to prevent them. Up and running 1. Install Docker for MacOS or Windows. You'll need to create a Docker account if you don't already have one. 2. git clone git://github.com/ScaleSec/vulnado 3. cd...

7.5AI score
Exploits0References5
Kitploit
Kitploit
added 2019/06/21 9:49 p.m.415 views

Sliver - Implant Framework

Sliver is a general purpose cross-platform implant framework that supports C2 over Mutual-TLS, HTTPS, and DNS. Implants are dynamically compiled with unique X.509 certificates signed by a per-instance certificate authority generated when you first run the binary. The server, client, and implant a...

7.6AI score
Exploits0References6
Kitploit
Kitploit
added 2017/11/11 9:39 p.m.415 views

Dex-Oracle - A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis

A pattern based Dalvik deobfuscator which uses limited execution to improve semantic analysis. Also, the inspiration for another Android deobfuscator: Simplify. Before After sha1: a68d5d2da7550d35f7dbefc21b7deebe3f4005f3 md5: 2dd2eeeda08ac8c15be8a9f2d01adbe8 Installation Step 1. Install Smali /...

9.5AI score
Exploits0References8
Kitploit
Kitploit
added 2023/04/27 12:30 p.m.414 views

PhoneSploit-Pro - An All-In-One Hacking Tool To Remotely Exploit Android Devices Using ADB And Metasploit-Framework To Get A Meterpreter Session

An all-in-one hacking tool written in Python to remotely exploit Android devices using ADB Android Debug Bridge and Metasploit-Framework. Complete Automation to get a Meterpreter session in One Click This tool can automatically Create , Install , and Run payload on the target device using...

7.8AI score
Exploits0References8
Kitploit
Kitploit
added 2019/09/13 12:30 p.m.414 views

Shodan-Eye - Tool That Collects All The Information About All Devices Directly Connected To The Internet Using The Specified Keywords That You Enter

This tool collects all information about all devices that are directly connected to the internet with the specified keywords that you enter. This way you get a complete overview. The types of devices that are indexed can vary enormously: from small desktops, refrigerators to nuclear power plants...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2021/06/04 9:30 p.m.413 views

Metarget - Framework Providing Automatic Constructions Of Vulnerable Infrastructures

1 Introduction Metarget = meta- + target, a framework providing automatic constructions of vulnerable infrastructures, used to deploy simple or complicated vulnerable cloud native targets swiftly and automatically. 1.1 Why Metarget? During security researches, we might find that the deployment of...

8.8CVSS8.6AI score0.9857EPSS
Exploits157References31
Kitploit
Kitploit
added 2018/06/23 10:12 p.m.413 views

BeRoot For Linux - Privilege Escalation Project

BeRoot is a post exploitation tool to check common misconfigurations on Linux and Mac OS to find a way to escalate our privilege. To understand privilege escalation on these systems, you should understand at least two main notions: LOLBins this name has been given for Windows binaries but it shou...

8.4AI score
Exploits0References1
Kitploit
Kitploit
added 2022/01/24 11:30 a.m.412 views

VulnLab - A Web Vulnerability Lab Project

VulnLab A web vulnerability lab project developed by Yavuzlar. Vulnerabilities SQL Injection Cross Site Scripting XSS Command Injection Insecure Direct Object References IDOR Cross Site Request Forgery CSRF XML External Entity XXE Insecure Deserialization File Upload File Inclusion Broken...

7.7AI score
Exploits0References2
Kitploit
Kitploit
added 2021/05/08 9:30 p.m.412 views

Kiterunner - Contextual Content Discovery Tool

For the longest of times, content discovery has been focused on finding files and folders. While this approach is effective for legacy web servers that host static files or respond with 3xx’s upon a partial path, it is no longer effective for modern web applications, specifically APIs. Over time,...

6.7AI score
Exploits0References4
Kitploit
Kitploit
added 2019/09/21 9:50 p.m.411 views

ScoutSuite - Multi-Cloud Security Auditing Tool

Scout Suite is an open source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather than going through dozens of...

6.6AI score
Exploits0References7
Kitploit
Kitploit
added 2018/08/29 1:33 p.m.411 views

Telewreck - A Burp Extension To Detect And Exploit Versions Of Telerik Web UI Vulnerable To CVE-2017-9248

A Burp extension to detect and exploit versions of Telerik Web UI vulnerable to CVE-2017-9248. This extension is based on the original exploit tool written by Paul Taylor @bao7uo which is available at https://github.com/bao7uo/dpcrypto. Credits and big thanks to him. A related blog post on how to...

9.8CVSS9.4AI score0.75098EPSS
Exploits5References4
Kitploit
Kitploit
added 2019/03/02 12:12 p.m.408 views

Strelka - Scanning Files At Scale With Python And ZeroMQ

Strelka is a real-time file scanning system used for threat hunting, threat detection, and incident response. Based on the design established by Lockheed Martin's Laika BOSS and similar projects see: related projects, Strelka's purpose is to perform file extraction and metadata collection at huge...

7.3AI score
Exploits0References14
Kitploit
Kitploit
added 2017/10/31 1:12 p.m.406 views

Hashcat v4.0 - World's Fastest and Most Advanced Password Recovery Utility

hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable...

9.1AI score
Exploits0
Kitploit
Kitploit
added 2022/01/27 11:30 a.m.405 views

BloodyAD - An Active Directory Privilege Escalation Framework

BloodyAD is an Active Directory Privilege Escalation Framework, it can be used manually using bloodyAD.py or automatically by combining pathgen.py and autobloody.py. This framework supports NTLM with password or NTLM hashes and Kerberos authentication and binds to LDAP/LDAPS/SAMR services of a...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2014/05/27 3:0 a.m.405 views

oclHashcat v1.2 - GPGPU-based Multi-hash Cracker

oclHashcat is a GPGPU-based multi-hash cracker using a brute-force attack implemented as mask attack, combinator attack, dictionary attack, hybrid attack, mask attack, and rule-based attack. This GPU cracker is a fusioned version of oclHashcat-plus and oclHashcat-lite. GPU Driver requirements: NV...

7.5AI score
Exploits0
Kitploit
Kitploit
added 2019/08/24 9:52 p.m.402 views

IPRotate - Extension For Burp Suite Which Uses AWS API Gateway To Rotate Your IP On Every Request

Extension for Burp Suite which uses AWS API Gateway to change your IP on every request. More info: https://rhinosecuritylabs.com/aws/bypassing-ip-based-blocking-aws/ Description This extension allows you to easily spin up API Gateways across multiple regions. All the Burp Suite traffic for the...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2021/12/20 11:30 a.m.400 views

log4j-scan - A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts

A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts Features Support for lists of URLs. Fuzzing for more than 60 HTTP request headers not only 3-4 headers as previously seen tools. Fuzzing for HTTP POST Data parameters. Fuzzing for JSON data parameters. Supports...

10CVSS10AI score0.99999EPSS
Exploits356References1
Kitploit
Kitploit
added 2021/10/24 8:30 p.m.399 views

ThreadStackSpoofer - PoC For An Advanced In-Memory Evasion Technique Allowing To Better Hide Injected Shellcode'S Memory Allocation From Scanners And Analysts

A PoC implementation for an advanced in-memory evasion technique that spoofs Thread Call Stack. This technique allows to bypass thread-based memory examination rules and better hide shellcodes while in-process memory. Intro This is an example implementation for Thread Stack Spoofing technique...

7.2AI score
Exploits0References11
Kitploit
Kitploit
added 2021/02/17 8:30 p.m.394 views

CrackerJack - Web GUI for Hashcat

Web Interface for Hashcat by Context Information Security Demo / StartCracking in Under 5 Minutes Introduction CrackerJack is a Web GUI for Hashcat developed in Python. Architecture This project aims to keep the GUI and Hashcat independent. In a nutshell, here's how it works: User uploads hashes,...

7.6AI score
Exploits0References1
Kitploit
Kitploit
added 2019/07/12 12:45 p.m.394 views

Commando VM v1.3 - The First Full Windows-based Penetration Testing Virtual Machine Distribution

Welcome to CommandoVM - a fully customized, Windows-based security distribution for penetration testing and red teaming. Installation Install Script Requirements Windows 7 Service Pack 1 or Windows 10 60 GB Hard Drive 2 GB RAM Recommended Windows 10 80+ GB Hard Drive 4+ GB RAM 2 network adapters...

8.5AI score
Exploits0References21
Kitploit
Kitploit
added 2018/09/29 8:39 p.m.393 views

Aircrack-ng 1.4 - Complete Suite Of Tools To Assess WiFi Network Security

Aircrack-ng is a complete suite of tools to assess WiFi network security. It focuses on different areas of WiFi security: Monitoring: Packet capture and export of data to text files for further processing by third party tools. Attacking: Replay attacks, deauthentication, fake access points and...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2017/07/19 2:30 p.m.393 views

GPS-SDR-SIM - Software-Defined GPS Signal Simulator

GPS-SDR-SIM generates GPS baseband signal data streams, which can be converted to RF using software-defined radio SDR platforms, such as bladeRF, HackRF, and USRP. Windows build instructions 1. Start Visual Studio. 2. Create an empty project for a console application. 3. On the Solution Explorer ...

7.4AI score
Exploits0References3
Kitploit
Kitploit
added 2022/03/01 9:4 p.m.391 views

BruteShark - Network Analysis Tool

BruteShark is a Network Forensic Analysis Tool NFAT that performs deep processing and inspection of network traffic mainly PCAP files, but it also capable of directly live capturing from a network interface. It includes: password extracting, building a network map, reconstruct TCP sessions, extra...

7.5AI score
Exploits0References10
Kitploit
Kitploit
added 2020/02/02 12:0 p.m.392 views

DVNA - Damn Vulnerable NodeJS Application

Damn Vulnerable NodeJS Application DVNA is a simple NodeJS application to demonstrate OWASP Top 10 Vulnerabilities and guide on fixing and avoiding these vulnerabilities. The fixes branch will contain fixes for the vulnerabilities. Fixes for vunerabilities OWASP Top 10 2017 vulnerabilities at...

7.4AI score
Exploits0References4
Kitploit
Kitploit
added 2019/05/03 12:54 p.m.390 views

Vulmap - Online Local Vulnerability Scanners Project

Vulmap is an open source online local vulnerability scanner project. It consists of online local vulnerability scanning programs for Windows and Linux operating systems. These scripts can be used for defensive and offensive purposes. It is possible to make vulnerability assessments using these...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2018/06/29 1:38 p.m.391 views

Ikeext-Privesc - Windows IKEEXT DLL Hijacking Exploit Tool

This tool is intended for automatically detecting and exploiting the IKE and AuthIP IPsec Keyring Modules Service IKEEXT Missing DLL vulnerability. Description A major weakness is present in Windows Vista, 7, 8, Server 2008, Server 2008 R2 and Server 2012, which allows any authenticated user to...

7.8AI score
Exploits0References1
Kitploit
Kitploit
added 2015/12/09 8:20 p.m.390 views

MassBleed - Mass SSL Vulnerability Scanner

USAGE sh massbleed.sh CIDR|IP single|port|subnet port proxy ABOUT This script has four main functions with the ability to proxy all connections: 1. To mass scan any CIDR range for OpenSSL vulnerabilities via port 443/tcp https example: sh massbleed.sh 192.168.0.0/16 2. To scan any CIDR range for...

7.5CVSS6.6AI score0.99999EPSS
Exploits101References1
Kitploit
Kitploit
added 2021/08/08 9:30 p.m.389 views

Php-Jpeg-Injector - Injects Php Payloads Into Jpeg Images

Injects php payloads into jpeg images. Related to this post. Use Case You have a web application that runs a jpeg image through PHP's GD graphics library. Description This script injects PHP code into a specified jpeg image. The web application will execute the payload if it interprets the image...

7.6AI score
Exploits0References3
Kitploit
Kitploit
added 2019/08/22 1:0 p.m.387 views

Hacktronian - All In One Hacking Tool For Linux & Android

Pentesing Tools That All Hacker Needs. HACKTRONIAN Menu : Information Gathering Password Attacks Wireless Testing Exploitation Tools Sniffing & Spoofing Web Hacking Private Web Hacking Post Exploitation Install The HACKTRONIAN Information Gathering: Nmap Setoolkit Port Scanning Host To IP wordpre...

8AI score
Exploits0References1
Kitploit
Kitploit
added 2017/11/01 1:30 p.m.387 views

Diamorphine - LKM Rootkit for Linux Kernels 2.6.x/3.x/4.x

Diamorphine is a LKM rootkit for Linux Kernels 2.6.x/3.x/4.x Features When loaded, the module starts invisible; Hide/unhide any process by sending a signal 31; Sending a signal 63to any pid makes the module become invisible; Sending a signal 64to any pid makes the given user become root; Files or...

8.9AI score
Exploits0References1
Kitploit
Kitploit
added 2019/07/19 9:25 p.m.386 views

Kali NetHunter App Store - The New Android Store Dedicated to Free Security Apps

The Kali NetHunter App Store is a one-stop-shop for security relevant Android applications. It is the ultimate alternative to the Google Play store for any Android device, whether rooted or not, NetHunter or stock. If you are after any security application for your Android device, the NetHunter...

7.5AI score
Exploits0
Kitploit
Kitploit
added 2015/04/24 2:13 p.m.387 views

MobaXterm - Terminal for Windows with X11 server, tabbed SSH client, network tools and much more...

MobaXterm is your ultimate toolbox for remote computing. In a single Windows application, it provides loads of functions that are tailored for programmers, webmasters, IT administrators and pretty much all users who need to handle their remote jobs in a more simple fashion. MobaXterm provides all...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2021/04/01 8:30 p.m.385 views

SharpDPAPI - A C# Port Of Some Mimikatz DPAPI Functionality

SharpDPAPI is a C port of some DPAPI functionality from @gentilkiwi's Mimikatz project. I did not come up with this logic, it is simply a port from Mimikatz in order to better understand the process and operationalize it to fit our workflow. The SharpChrome subproject is an adaptation of work fro...

7.7AI score
Exploits0References23
Kitploit
Kitploit
added 2019/01/04 8:22 p.m.385 views

Kalitorify - Transparent Proxy Through Tor For Kali Linux OS

kalitorify is a shell script for Kali Linux which use iptables settings for transparent proxy through Tor, the program also allows you to perform various checks like checking the external ip, or if Tor has been configured correctly. What is Transparent Proxy? Also known as an intercepting proxy,...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2019/07/05 1:12 p.m.386 views

Wesng - Windows Exploit Suggester

WES-NG is a tool based on the output of Windows' systeminfo utility which provides the list of vulnerabilities the OS is vulnerable to, including any exploits for these vulnerabilities. Every Windows OS between Windows XP and Windows 10, including their Windows Server counterparts, is supported...

7.3AI score
Exploits0References11
Kitploit
Kitploit
added 2019/06/26 9:44 p.m.384 views

Cryptr - A Simple Shell Utility For Encrypting And Decrypting Files Using OpenSSL

A simple shell utility for encrypting and decrypting files using OpenSSL. Installation git clone https://github.com/nodesocket/cryptr.git ln -s "$PWD"/cryptr/cryptr.bash /usr/local/bin/cryptr Bash tab completion Add tools/cryptr-bash-completion.bash to your tab completion file directory...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2019/07/06 10:12 p.m.382 views

DarkScrape - OSINT Tool For Scraping Dark Websites

OSINT Tool to find Media Links in Tor Sites. Tested On Kali Linux 2019.2 Ubuntu 18.04 Nethunter Arc Linux Installation git clone https://github.com/itsmehacker/DarkScrape.git pip3 install -r requirements.txt Features Download Media Scrape From Single Url Scraping From Files Txt Csv Excel Inspired...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2017/09/07 1:49 p.m.382 views

DKMC - Malicious Payload Evasion Tool

Don't kill my cat is a tool that generates obfuscated shellcode that is stored inside of polyglot images. The image is 100% valid and also 100% valid shellcode. The idea is to avoid sandbox analysis since it's a simple "legit" image. For now the tool rely on PowerShell the execute the final...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2019/01/14 12:13 p.m.380 views

Sitadel - Web Application Security Scanner

Sitadel is basically an update for WAScan making it compatible for python = 3.4 It allows more flexibility for you to write new modules and implement new features : Frontend framework detection Content Delivery Network detection Define Risk Level to allow for scans Plugin system Docker image...

2.6CVSS7.1AI score0.18254EPSS
Exploits2References1
Total number of security vulnerabilities5000