Lucene search
+L
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2022/04/13 9:30 p.m.42 views

Presshell - Quick And Dirty Wordpress Command Execution Shell

presshell Quick & dirty Wordpress Command Execution Shell. Execute shell commands on your wordpress server. Uploaded shell will probably be at /wp-content/plugins/shell/shell.php Installation To install the shell, we are assuming you have administrative rights to Wordpress and can install plugins...

7.7AI score
Exploits0References1
Kitploit
Kitploit
added 2022/03/03 11:30 a.m.42 views

Litefuzz - A Multi-Platform Fuzzer For Poking At Userland Binaries And Servers

Litefuzz is meant to serve a purpose: fuzz and triage on all the major platforms, support both CLI/GUI apps, network clients and servers in order to find security-related bugs. It simplifies the process and makes it easy to discover security bugs in many different targets, across platforms, while...

7.8AI score
Exploits0References16
Kitploit
Kitploit
added 2022/02/19 8:30 p.m.42 views

HybridTestFramework - End To End Testing Of Web, API And Security

Full-fledged WEB, API and Security testing framework using selenium,ZAP OWASP proxy and rest-assured Supported Platforms This framework supports WebUi automation across a variety of browsers like Chrome, Firefox, IE, no only limited to this but extended to test rest api, security and visual...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2022/02/05 11:30 a.m.42 views

SMBSR - Lookup For Interesting Stuff In SMB Shares

Well, SMBSR is a python script which given a CIDR/IP/IPfile/HOSTNAMEs enumerates all the SMB services listening 445 among the targets and tries to authenticate against them; if the authentication succeed then all the folders and subfolders are visited recursively in order to find secrets in files...

7.7AI score
Exploits0References2
Kitploit
Kitploit
added 2022/01/16 8:30 p.m.42 views

Registry-Spy - Cross-platform Registry Browser For Raw Windows Registry Files

Registry Spy is a free, open-source cross-platform Windows Registry viewer. It is a fast, modern, and versatile explorer for raw registry files. Features include: Fast, on-the-fly parsing means no upfront overhead Open multiple hives at a time Searching Hex viewer Modification timestamps...

7.3AI score
Exploits0References4
Kitploit
Kitploit
added 2021/11/22 8:30 p.m.42 views

ThreatBox - A Standard And Controlled Linux Based Attack Platform

ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of scripts, lived as a rolling virtual machine, existed as code to build a Linux ISO, and has now been converted to a set of ansible playbooks. Why Ansible? Why no...

7.8AI score
Exploits0References3
Kitploit
Kitploit
added 2021/11/04 8:30 p.m.42 views

Androidqf - (Android Quick Forensics) Helps Quickly Gathering Forensic Evidence From Android Devices, In Order To Identify Potential Traces Of Compromise

androidqf Android Quick Forensics is a portable tool to simplify the acquisition of relevant forensic data from Android devices. It is the successor of Snoopdroid, re-written in Go and leveraging official adb binaries. androidqf is intended to provide a simple and portable cross-platform utility ...

7AI score
Exploits0References4
Kitploit
Kitploit
added 2021/07/01 9:30 p.m.42 views

Invoke-DNSteal - Simple And Customizable DNS Data Exfiltrator

Invoke-DNSteal is a Simple & Customizable DNS Data Exfiltrator. This tool helps you to exfiltrate data through DNS protocol over UDP and TCP, and lets you control the size of queries using random delay. Also, allows you to avoid detections by using random domains in each of your queries and you c...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2021/06/15 12:30 p.m.42 views

A2P2V - Automated Attack Path Planning and Validation

Automated Attack Path Planning and Validation A2P2V is a planning and cyber-attack tool that provides the capability for users to determine a set of ranked attack sequences given a specific attacker goal. The aim of the tool is to simplify process so that non-security experts can generate clear,...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2021/04/07 9:30 p.m.42 views

Columbo - A Computer Forensic Analysis Tool Used To Simplify And Identify Specific Patterns In Compromised Datasets

Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets. It breaks down data to small sections and uses pattern recognition and machine learning models to identify adversaries behaviour and their possible locations in compromised Window...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2021/03/18 8:30 p.m.42 views

AnonX - An Encrypted File Transfer Via AES-256-CBC

An Encrypted File transfer via AES-256-CBC AnonX is an encrypted file uploader and downloader. The uploaded archive lasts for one week and shall remove from the server. AnonX encrypts the directory before uploading it to the server. The download function requires the download id and AES password ...

7.5AI score
Exploits0References2
Kitploit
Kitploit
added 2021/01/12 11:30 a.m.42 views

Sigurls - A Reconnaissance Tool, It Fetches URLs From AlienVault's OTX, Common Crawl, URLScan, Github And The Wayback Machine

sigurls is a reconnaissance tool, it fetches URLs from AlienVault's OTX , Common Crawl , URLScan , Github and the Wayback Machine. Usage To display help message for sigurls use the -h flag: $ sigurls -h | | / | |/ | | | | '| / | \ \ | | | || | | | \ \ |/|, |,|| ||/ v1.3.1 |/ USAGE: sigurls...

7.1AI score
Exploits0References3
Kitploit
Kitploit
added 2021/01/07 8:30 p.m.42 views

UhOh365 - A Script That Can See If An Email Address Is Valid In Office365 (User/Email Enumeration)

A script that can see if an email address is valid in Office365. This does not perform any login attempts, is unthrottled, and is incredibly useful for social engineering assessments to find which emails exist and which don't. Microsoft does not consider "email enumeration" a vulnerability, so th...

7.7AI score
Exploits0References3
Kitploit
Kitploit
added 2020/12/08 11:30 a.m.42 views

Wp_Hunter - Static Analysis Of Wordpress Plugins

Static analysis to search for vulnerabilities in Wordpress plugins. / \ / \ / | \ / | \ // /| / \ | / \ / \ \ \ / | | \ Y / | / | \ | \ /| | / /\ / ||| /|/|| /| \ | / // / / / | Author: @JosueEncinar Starting the process Total plugins 87509 Starting the analisys How to add a module The...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2020/11/11 11:30 a.m.42 views

NFCGate - An NFC Research Toolkit Application For Android

NFCGate is an Android application meant to capture, analyze, or modify NFC traffic. It can be used as a researching tool to reverse engineer protocols or assess the security of protocols against traffic modifications. Notice This application was developed for security research purposes by student...

7AI score
Exploits0References17
Kitploit
Kitploit
added 2020/11/01 11:30 a.m.42 views

PowerShell-Red-Team - Collection Of PowerShell Functions A Red Teamer May Use To Collect Data From A Machine

Collection of PowerShell functions a Red Teamer may use to collect data from a machine or gain access to a target. I added ps1 files for the commands that are included in the RedTeamEnum module. This will allow you to easily find and use only one command if that is all you want. If you want the...

8AI score
Exploits0References1
Kitploit
Kitploit
added 2020/10/26 8:30 p.m.42 views

JWT-Hack - Tool To En/Decoding JWT, Generate Payload For JWT Attack And Very Fast Cracking(Dict/Brutefoce)

jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast crackingdict/brutefoce Installation go-getdev version $ go get -u github.com/hahwul/jwt-hack homebrew $ brew tap hahwul/jwt-hack $ brew install jwt-hack snapcraft $...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2020/09/12 11:30 a.m.42 views

MZAP - Multiple Target ZAP Scanning

Multiple target ZAP Scanning / mzap is a tool for scanning NN in ZAP. Concept Installation go-get $ go get -u github.com/hahwul/mzap snapcraft $ sudo snap install mzap --devmode homebrew $ brew tap hahwul/mzap $ brew install mzap Usage Usage: mzap command Available Commands: ajaxspider Add...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2019/08/07 1:9 p.m.42 views

SET v8.0.1 - The Social-Engineer Toolkit

Copyright 2019 The Social-Engineer Toolkit SET Written by: David Kennedy ReL1K Company: TrustedSec DISCLAIMER: This is only for testing purposes and can only be used where strict consent has been given. Do not use this for illegal purposes, period. Please read the LICENSE under readme/LICENSE for...

7AI score
Exploits0References3
Kitploit
Kitploit
added 2019/01/24 8:47 p.m.42 views

SecureTea Project - The Purpose Of This Application Is To Warn The User (Via Various Communication Mechanisms) Whenever Their Laptop Accessed

Small IoT Internet of Things to notify users via Twitter, whenever someone accesses their laptop. This application uses the touchpad/mouse/wireless mouse to determine activity and is developed in Python and tested on Linux. The purpose of this application is to warn the user via various...

7AI score
Exploits0References5
Kitploit
Kitploit
added 2018/07/10 2:12 p.m.42 views

Dirhunt - Find Web Directories Without Bruteforce

Dirhunt is a web crawler optimize for search and analyze directories. This tool can find interesting things if the server has the "index of" mode enabled. Dirhunt is also useful if the directory listing is not enabled. It detects directories with false 404 errors , directories where an empty inde...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2018/07/03 1:45 p.m.42 views

MSDAT - Microsoft SQL Database Attacking Tool

MSDAT M icros oft SQL D atabase A ttacking T ool is an open source penetration testing tool that tests the security of Microsoft SQL Databases remotely. Usage examples of MSDAT: You have a Microsoft database listening remotely and you want to find valid credentials in order to connect to the...

8.1AI score
Exploits0References1
Kitploit
Kitploit
added 2018/04/27 9:12 p.m.42 views

Grok-backdoor - Backdoor With Ngrok Tunnel Support

Grok-backdoor is a simple python based backdoor, it uses Ngrok tunnel for the communication. Ngrok-backdoor can generate windows, linux and mac binaries using Pyinstaller. Disclaimer: All the code provided on this repository is for educational/research purposes only. Any actions and/or activities...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2018/03/09 8:12 p.m.42 views

Arjun - Tool To Find Hidden GET & POST Parameters

Arjun is a python script for finding hidden GET & POST parameters using regex and bruteforce. Dependencies requests threading Usages Here's how you can scan a webpage for get parameters python arjun.py -u http://example.com/index.php --get For POST, just use the --post flag. To specify the number...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2018/01/02 9:7 p.m.42 views

ADRecon - Tool Which Gathers Information About The Active Directory

ADRecon is a tool which extracts various artifacts as highlighted below out of an AD environment in a specially formatted Microsoft Excel report that includes summary views with metrics to facilitate analysis. The report can provide a holistic picture of the current state of the target AD...

6.9AI score
Exploits0References3
Kitploit
Kitploit
added 2017/09/05 8:30 p.m.42 views

NMapGUI - Advanced Graphical User Interface for NMap

NMapGUI is an advanced graphical user interface for NMap network analysis tool. It allows to extend and ease the typical usage of NMap by providen a visual and fast interface with the application. If you have any questions about NMapGUI usage or want to get in contact with me, please visit: Twitt...

7.5AI score
Exploits0References3
Kitploit
Kitploit
added 2017/08/24 2:9 p.m.42 views

iWant - CLI Based Decentralized Peer To Peer File Sharing

A commandline tool for searching and downloading files in LAN network, without any central server. Features Decentralized : There is no central server hosting files. Therefore, no central point of failure Easydiscovery of files: As easy as searching for something in Google. File download from...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2017/07/17 3:9 p.m.42 views

Volatility 2.6 - Advanced Memory Forensics Framework

In 2007, the first version of The Volatility Framework was released publicly at Black Hat DC. The software was based on years of published academic research into advanced memory analysis and forensics. Up until that point, digital investigations had focused primarily on finding contraband within...

7.1AI score
Exploits0References10
Kitploit
Kitploit
added 2017/03/20 1:56 p.m.42 views

PloitKit - The Hacker's ToolBox

PloitKit is a Python based GUI tool designed as one-stop for all other softwares. I was facing these kinds of problem, when I need to switch to different system, or I lost my pen-drive. I have to go to google, and search every tool and download every tool and so on. So I decided to create a tool,...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2016/12/11 2:8 p.m.42 views

OONI - Open Observatory of Network Interference

OONI, the Open Observatory of Network Interference, is a global observation network which aims is to collect high quality data using open methodologies, using Free and Open Source Software FL/OSS to share observations and data about the various types, methods, and amounts of network tampering in...

7AI score
Exploits0References3
Kitploit
Kitploit
added 2016/05/21 9:12 p.m.42 views

Clair - Vulnerability Static Analysis for Containers

Clair is an open source project for the static analysis of vulnerabilities in appc and docker containers. Vulnerability data is continuously imported from a known set of sources and correlated with the indexed contents of container images in order to produce lists of vulnerabilities that threaten...

7.3AI score
Exploits0References9
Kitploit
Kitploit
added 2016/05/05 10:30 p.m.42 views

Skydive - An Open Source Real-Time Network Topology and Protocols Analyzer

Skydive is an open source real-time network topology and protocols analyzer. It aims to provide a comprehensive way of understanding what is happening in the network infrastructure. Skydive agents collect topology informations and flows and forward them to a central agent for further analysis. Al...

7.5AI score
Exploits0References2
Kitploit
Kitploit
added 2016/04/02 7:30 p.m.42 views

Pentestly - Python and Powershell internal Penetration Testing Framework

Pentestly is a combination of expanding Python tools for use in penetration tests. The goal is to utilize a familiar user interface while making contributions to the framework easy with the power of Python. Blog post: Pentestly Framework: When Pentesting Meets Python and Powershell Author:...

8.4AI score
Exploits0References10
Kitploit
Kitploit
added 2016/03/04 8:30 p.m.42 views

Malware-Jail - Sandbox for semi-automatic Javascript malware analysis and payload extraction

Sandbox for semi-automatic Javascript malware analysis and payload extraction. Written for Node.js malware-jail is written for Node's 'vm' sandbox . Currently implements WScript Windows Scripting Host context env/wscript.js , at least the part frequently used by malware. Internet browser context ...

7.1AI score
Exploits0References7
Kitploit
Kitploit
added 2015/08/11 9:55 p.m.42 views

Kali Linux 2.0 - The Best Penetration Testing Distribution

So, what’s new in Kali 2.0? There’s a new 4.0 kernel, now based on Debian Jessie, improved hardware and wireless driver coverage, support for a variety of Desktop Environments gnome, kde, xfce, mate, e17, lxde, i3wm, updated desktop environment and tools – and the list goes on. Kali Linux is Now ...

7AI score
Exploits0
Kitploit
Kitploit
added 2015/05/14 11:5 p.m.42 views

InstaRecon - Automated Digital Reconnaissance

Automated basic digital reconnaissance. Great for getting an initial footprint of your targets and discovering additional subdomains. InstaRecon will do: DNS direct, PTR, MX, NS lookups Whois domains and IP lookups Google dorks in search of subdomains Shodan lookups Reverse DNS lookups on entire...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2014/06/01 6:14 p.m.42 views

Argus v3.0.6 - Real Time Auditing Network Activity

Argus is a fixed-model Real Time Flow Monitor designed to track and report on the status and performance of all network transactions seen in a data network traffic stream. Argus provides a common data format for reporting flow metrics such as connectivity, capacity, demand, loss, delay, and jitte...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2014/02/11 12:21 a.m.42 views

[IDSwakeup] Collection of Tools to test network intrusion detection systems

IDSwakeup is a collection of tools that allows to test network intrusion detection systems. The main goal of IDSwakeup is to generate false attack that mimic well known ones, in order to see if NIDS detects them and generates false positives. This release of IDSwakeup includes: IDSwakeup The main...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2025/04/09 12:30 p.m.41 views

Lobo Guará - Cyber Threat Intelligence Platform

Lobo Guará is a platform aimed at cybersecurity professionals, with various features focused on Cyber Threat Intelligence CTI. It offers tools that make it easier to identify threats, monitor data leaks, analyze suspicious domains and URLs, and much more. Features 1. SSL Certificate Search Allows...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2024/01/11 11:30 a.m.41 views

Bugsy - Command-line Interface Tool That Provides Automatic Security Vulnerability Remediation For Your Code

Bugsy is a command-line interface CLI tool that provides automatic security vulnerability remediation for your code. It is the community edition version of Mobb, the first vendor-agnostic automated security vulnerability remediation tool. Bugsy is designed to help developers quickly identify and...

7.7AI score
Exploits0References1
Kitploit
Kitploit
added 2023/11/30 11:30 a.m.41 views

Windiff - Web-based Tool That Allows Comparing Symbol, Type And Syscall Information Of Microsoft Windows Binaries Across Different Versions Of The OS

WinDiff is an open-source web-based tool that allows browsing and comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the operating system. The binary database is automatically updated to include information from the latest Windows updates...

6.9AI score
Exploits0References3
Kitploit
Kitploit
added 2023/11/18 11:30 a.m.41 views

Bread - BIOS Reverse Engineering And Advanced Debugging

BREAD BIOS Reverse Engineering & Advanced Debugging is an 'injectable' real-mode x86 debugger that can debug arbitrary real-mode code on real HW from another PC via serial cable. Introduction BREAD emerged from many failed attempts to reverse engineer legacy BIOS. Given that the vast majority -- ...

7.8AI score
Exploits0References8
Kitploit
Kitploit
added 2023/11/09 11:30 a.m.41 views

Red Canary Mac Monitor - An Advanced, Stand-Alone System Monitoring Tool Tailor-Made For macOS Security Research

Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research, malware triage, and system troubleshooting. Harnessing Apple Endpoint Security ES, it collects and enriches system events, displaying them graphically, with an expansive feature set...

6.9AI score
Exploits0References5
Kitploit
Kitploit
added 2023/10/28 11:30 a.m.41 views

CloudPulse - AWS Cloud Landscape Search Engine

During the reconnaissance phase, an attacker searches for any information about his target to create a profile that will later help him to identify possible ways to get in an organization. CloudPulse is a powerful tool that simplifies and enhances the analysis of SSL certificate data. It leverage...

7AI score
Exploits0References4
Kitploit
Kitploit
added 2023/07/08 12:30 p.m.41 views

Blacklist3r - Accumulate Secret Keys / Secret Materials Related To Various Web Frameworks

The goal of this project is to accumulate the secret keys / secret materials related to various web frameworks, that are publicly available and potentially used by developers. These secrets will be utilized by the Blacklist3r tools to audit the target application and verify the usage of these...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2023/04/18 12:30 p.m.41 views

Wa-Tunnel - Tunneling Internet Traffic Over Whatsapp

This is a Baileys based piece of code that lets you tunnel TCP data through two Whatsapp accounts. This can be usable in different situations, for example network carriers that give unlimited whatsapp data or airplanes where you also get unlimited social network data. It's using Baileys since it'...

7.5AI score
Exploits0References3
Kitploit
Kitploit
added 2023/04/13 12:30 p.m.41 views

Pinacolada - Wireless Intrusion Detection System For Hak5's WiFi Coconut

Pinacolada looks for typical IEEE 802.11 attacks and then informs you about them as quickly as possible. All this with the help of Hak5's WiFi Coconut, which allows it to listen for threats on all 14 channels in the 2.4GHz range simultaneously. Supported 802.11 Attacks Attack | Type | Status...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2023/03/27 11:30 a.m.41 views

ThunderCloud - Cloud Exploit Framework

Cloud Exploit Framework Usage python3 tc.py -h | | | | | / | | | | | | | | | | | | | | | | | | | ' | | | | ' \ / |/ \ '| | | |/ | | | |/ | | | | | | | || | | | | | | / | | || | | || | | | / || ||,|| ||,||| ||/ ,|,| usage: tc.py -h -ce COGNITOENDPOINT -reg REGION -accid AWSACCOUNTID...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2022/10/03 11:30 a.m.41 views

Java-Remote-Class-Loader - Tool to send Java bytecode to your victims to load and execute using Java ClassLoader together with Reflect API

This tool allows you to send Java bytecode in the form of class files to your clients or potential targets to load and execute using Java ClassLoader together with Reflect API. The client receives the class file from the server and return the respective execution output. Payloads must be written ...

7.4AI score
Exploits0References3
Kitploit
Kitploit
added 2022/09/05 11:30 a.m.41 views

Aura - Python Source Code Auditing And Static Analysis On A Large Scale

Source code auditing and static code analysis Aura is a static analysis framework developed as a response to the ever-increasing threat of malicious packages and vulnerable code published on PyPI. Project goals: provide an automated monitoring system over uploaded packages to PyPI, alert on...

7.2AI score
Exploits0References5
Total number of security vulnerabilities5000