Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2014/10/21 3:6 a.m.40 views

WiFi software Acrylic WiFi Free v2.1 - WiFi analyzer software and WLAN scanner for network analysts

Acrylic WiFi Professional is the best WiFi analyzer software to identify access points and wifi channels, and to analyze and resolve incidences on 802.11a/b/g/n/ac wireless networks in real time. It is a perfect tool for advanced users and professional WiFi network analysts and administrators to...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2013/12/23 3:57 p.m.40 views

[PDFMiner] Python PDF parser and analyzer

PDFMiner is a tool for extracting information from PDF documents. Unlike other PDF-related tools, it focuses entirely on getting and analyzing text data. PDFMiner allows one to obtain the exact location of text in a page, as well as other information such as fonts or lines. It includes a PDF...

6.8AI score
Exploits0
Kitploit
Kitploit
added 2013/09/20 11:49 p.m.40 views

[ollydbg-binary-execution-visualizer] New Tool for Visualizing Binaries With Ollydbg and Graphvis

Sometimes crackme’s or something you might be reversing will constantly bug you due to the excessive usage of f7 & f8. It will be quiet neat if you can see how the application is executing visually and set your break points accordingly. Requirements: o Ollyscript plugin o Bunch of your favorite...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2013/02/23 12:53 a.m.40 views

[Zexplo] Penetration Testing Toolkit

Zexplo is a python based Penetration Testing toolkit with simple and cool interface. This first version of Zexplo has 6 enumeration modules for various network scanning operations such as zping, zarpcache, ztcpscan, znmapport etc and 1 exploit filecopa. In addition to this it also has some exciti...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2013/02/22 7:45 p.m.40 views

[WPScan Android] WordPress Security Scanner Android App

WPScan is a black box WordPress Security Scanner written in Ruby which attempts to find known security weaknesses within WordPress installations. Its intended use it to be for security professionals or WordPress administrators to asses the security posture of their WordPress installations...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2025/04/14 12:30 p.m.39 views

Torward - An Improved Version Based On The Torghost-Gn And Darktor Scripts, Designed To Enhance Anonymity On The Internet

Torward is an improved version based on the torghost-gn and darktor scripts, designed to enhance anonymity on the Internet. The tool prevents data leaks and forces all traffic from our computer to be routed exclusively through the Tor network, providing a high level of privacy in our connections...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2024/04/03 11:30 a.m.39 views

ST Smart Things Sentinel - Advanced Security Tool To Detect Threats Within The Intricate Protocols utilized By IoT Devices

ST Smart Things Sentinel is an advanced security tool engineered specifically to scrutinize and detect threats within the intricate protocols utilized by IoT Internet of Things devices. In the ever-expanding landscape of connected devices, ST Smart Things Sentinel emerges as a vigilant guardian,...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2024/03/15 11:30 a.m.39 views

Pyradm - Python Remote Administration Tool Via Telegram

Remote administration crossplatfrom tool via telegram\ Coded with ❤️ python3 + aiogram3 \ https://t.me/ptsoft v0.3 X Screenshot from target X Crossplatform X Upload/Download X Fully compatible shell X Process list X Webcam video record or screenshot X Geolocation X Filemanager X Microphone X...

7.7AI score
Exploits0References1
Kitploit
Kitploit
added 2024/03/03 11:30 a.m.39 views

Tinyfilemanager-Wh1Z-Edition - Effortlessly Browse And Manage Your Files With Ease Using Tiny File Manager [WH1Z-Edition], A Compact Single-File PHP File Manager

Introducing Tiny File Manager WH1Z-Edition, the compact and efficient solution for managing your files and folders with enhanced privacy and security features. Gone are the days of relying on external resources – I've stripped down the code to its core, making it truly lightweight and perfect for...

8.2AI score
Exploits0References3
Kitploit
Kitploit
added 2024/01/21 11:30 a.m.39 views

DllNotificationInjection - A POC Of A New "Threadless" Process Injection Technique That Works By Utilizing The Concept Of DLL Notification Callbacks In Local And Remote Processes

DllNotificationInection is a POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and remote processes. An accompanying blog post with more details is available here: https://shorsec.io/blog/dll-notification-injection/ Ho...

7.8AI score
Exploits0References6
Kitploit
Kitploit
added 2023/12/18 11:30 a.m.39 views

VED-eBPF - Kernel Exploit And Rootkit Detection Using eBPF

VED Vault Exploit Defense-eBPF leverages eBPF extended Berkeley Packet Filter to implement runtime kernel security monitoring and exploit detection for Linux systems. Introduction eBPF is an in-kernel virtual machine that allows code execution in the kernel without modifying the kernel source...

8AI score
Exploits0References2
Kitploit
Kitploit
added 2023/11/22 11:30 a.m.39 views

Deepsecrets - Secrets Scanner That Understands Code

Yet another tool - why? Existing tools don't really "understand" code. Instead, they mostly parse texts. DeepSecrets expands classic regex-search approaches with semantic analysis, dangerous variable detection, and more efficient usage of entropy analysis. Code understanding supports 500+ languag...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2023/11/08 11:30 a.m.39 views

Elevationstation - Elevate To SYSTEM Any Way We Can! Metasploit And PSEXEC Getsystem Alternative

Elevation Station Stealing and Duplicating SYSTEM tokens for fun & profit! We duplicate things, make twin copies, and then ride away. You have used Metasploit's getsystem and SysInternals PSEXEC for getting system privs, correct? Well, here's a similar standalone version of that...but without the...

8.2AI score
Exploits0References1
Kitploit
Kitploit
added 2023/09/30 11:30 a.m.39 views

Electron_Shell - Developing A More Covert Remote Access Trojan (RAT) Tool By Leveraging Electron's Features For Command Injection And Combining It With Remote Control Methods

Electronshell Developing a more covert Remote Access Trojan RAT tool by leveraging Electron's features for command injection and combining it with remote control methods. Read More: AOH 024探索将Shell寄生于Electron程序的自动化实现 Features Supports almost all operating systems mac linux windows Supports almost...

8.3AI score
Exploits0References2
Kitploit
Kitploit
added 2023/08/29 12:30 p.m.39 views

DNSWatch - DNS Traffic Sniffer and Analyzer

DNSWatch is a Python-based tool that allows you to sniff and analyze DNS Domain Name System traffic on your network. It listens to DNS requests and responses and provides insights into the DNS activity. Features Sniff and analyze DNS requests and responses. Display DNS requests with their...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2023/08/24 3:8 a.m.39 views

Kali Linux 2023.3 - Penetration Testing and Ethical Hacking Linux Distribution

Time for another Kali Linux release! – Kali Linux 2023.3. This release has various impressive updates. The highlights of the changelog since the 2023.2 release from May: Internal Infrastructure - Major stack changes is under way Kali Autopilot - The automation attack framework has had an major...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2023/08/11 12:30 p.m.39 views

Xcrawl3R - A CLI Utility To Recursively Crawl Webpages

xcrawl3r is a command-line interface CLI utility to recursively crawl webpages i.e systematically browse webpages' URLs and follow links to discover linked webpages' URLs. Features Recursively crawls webpages for URLs. Parses URLs from files .js, .json, .xml, .csv, .txt & .map. Parses URLs from...

6.9AI score
Exploits0References10
Kitploit
Kitploit
added 2023/06/25 12:30 p.m.39 views

Gato - GitHub Self-Hosted Runner Enumeration And Attack Tool

Gato, or GitHub Attack Toolkit, is an enumeration and attack tool that allows both blue teamers and offensive security practitioners to evaluate the blast radius of a compromised personal access token within a GitHub organization. The tool also allows searching for and thoroughly enumerating publ...

7.7AI score
Exploits0References6
Kitploit
Kitploit
added 2023/06/12 12:30 p.m.39 views

C2-Hunter - Extract C2 Traffic

C2-Hunter C2-Hunter is a program designed for malware analysts to extract Command and Control C2 traffic from malwares in real-time. The program uses a unique approach by hooking into win32 connections APIs. With C2-Hunter, malware analysts can now intercept and analyze communication in real-time...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2023/05/18 12:30 p.m.39 views

Wafaray - Enhance Your Malware Detection With WAF + YARA (WAFARAY)

WAFARAY is a LAB deployment based on Debian 11.3.0 stable x64 made and cooked between two main ingredients WAF + YARA to detect malicious files e.g. webshells, virus, malware, binaries typically through web functions upload files. Purpose In essence, the main idea came to use WAF + YARA YARA...

7.6AI score
Exploits0References22
Kitploit
Kitploit
added 2023/05/05 12:30 p.m.39 views

Spartacus - DLL Hijacking Discovery Tool

Why "Spartacus"? If you have seen the film Spartacus from 1960, you will remember the scene where the Romans are asking for Spartacus to give himself up. The moment the real Spartacus stood up, a lot of others stood up as well and claimed to be him using the "I AM SPARTACUS" phrase. When a proces...

7.3AI score
Exploits0References8
Kitploit
Kitploit
added 2023/05/03 12:30 p.m.39 views

Metlo - An Open-Source API Security Platform

Secure Your API. Metlo is an open-source API security platform With Metlo you can: Create an Inventory of all your APIEndpoints and Sensitive Data. Detect common API vulnerabilities. Proactively test your APIs before they go into production. Detect API attacks in real time. Metlo does this by...

8.3AI score
Exploits0References3
Kitploit
Kitploit
added 2023/04/23 12:30 p.m.39 views

Nuclearpond - A Utility Leveraging Nuclei To Perform Internet Wide Scans For The Cost Of A Cup Of Coffee

Nuclear Pond is used to leverage Nuclei in the cloud with unremarkable speed, flexibility, and perform internet wide scans for far less than a cup of coffee. It leverages AWS Lambda as a backend to invoke Nuclei scans in parallel, choice of storing json findings in s3 to query with AWS Athena, an...

7.5AI score
Exploits0References4
Kitploit
Kitploit
added 2023/04/21 12:30 p.m.39 views

Striker - A Command And Control (C2)

Striker is a simple Command and Control C2 program. Disclaimer This project is under active development. Most of the features are experimental, with more to come. Expect breaking changes. Features A Agents Native agents for linux and windows hosts. Self-contained, minimal python agent should you...

7.5AI score
Exploits0References3
Kitploit
Kitploit
added 2023/04/03 12:30 p.m.39 views

RedditC2 - Abusing Reddit API To Host The C2 Traffic, Since Most Of The Blue-Team Members Use Reddit, It Might Be A Great Way To Make The Traffic Look Legit

Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic look legit.  Disclaimer: Use of this project is for Educational/Testing purposes only. Using it on unauthorised machines is strictly forbidden. If somebody is...

7.6AI score
Exploits0References6
Kitploit
Kitploit
added 2023/01/12 11:30 a.m.39 views

KRIe - Linux Kernel Runtime Integrity With eBPF

KRIe is a research project that aims to detect Linux Kernel exploits with eBPF. KRIe is far from being a bulletproof strategy: from eBPF related limitations to post exploitation detections that might rely on a compromised kernel to emit security events, it is clear that a motivated attacker will...

7AI score
Exploits0References3
Kitploit
Kitploit
added 2023/01/05 11:30 a.m.39 views

ExchangeFinder - Find Microsoft Exchange Instance For A Given Domain And Identify The Exact Version

ExchangeFinder is a simple and open-source tool that tries to find Micrsoft Exchange instance for a given domain based on the top common DNS names for Microsoft Exchange. ExchangeFinder can identify the exact version of Microsoft Exchange starting from Microsoft Exchange 4.0 to Microsoft Exchange...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2022/10/05 11:30 a.m.39 views

Erlik 2 - Vulnerable-Flask-App

Erlik 2 - Vulnerable-Flask-App Tested - Kali 2022.1 Description It is a vulnerable Flask Web App. It is a lab environment created for people who want to improve themselves in the field of web penetration testing. Features It contains the following vulnerabilities. HTML Injection XSS SSTI SQL...

7.8AI score
Exploits0References2
Kitploit
Kitploit
added 2022/04/11 12:30 p.m.39 views

Wholeaked - A File-Sharing Tool That Allows You To Find The Responsible Person In Case Of A Leakage

wholeaked is a file-sharing tool that allows you to find the responsible person in case of a leakage. It's written in Go. How? wholeaked gets the file that will be shared and a list of recipients. It creates a unique signature for each recipient and adds it to the file secretly. After then, it ca...

7AI score
Exploits0References2
Kitploit
Kitploit
added 2022/02/04 11:30 a.m.39 views

Elfloader - An Architecture-Agnostic ELF File Flattener For Shellcode

elfloader is a super simple loader for ELF files that generates a flat in-memory representation of the ELF. Pair this with Rust and now you can write your shellcode in a proper, safe, high-level language. Any target that LLVM can target can be used, including custom target specifications for real...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2021/12/03 11:30 a.m.39 views

ClusterFuzzLite - Simple Continuous Fuzzing That Runs In CI

ClusterFuzzLite is a continuous fuzzing solution that runs as part of Continuous Integration CI workflows to find vulnerabilities faster than ever before. With just a few lines of code, GitHub users can integrate ClusterFuzzLite into their workflow and fuzz pull requests to catch bugs before they...

7.6AI score
Exploits0References4
Kitploit
Kitploit
added 2021/11/21 11:30 a.m.39 views

SillyRAT - A Cross Platform Multifunctional (Windows/Linux/Mac) RAT

A Cross Platform multifunctional Windows/Linux/Mac RAT. Getting Started Description A cross platform RAT written in pure Python. The RAT accept commands alongside arguments to either perform as the server who accepts connections or to perform as the client/target who establish connections to the...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2021/10/21 11:30 a.m.39 views

NTFSTool - Forensics Tool For NTFS (Parser, MTF, Bitlocker, Deleted Files)

NTFSTool is a forensic tool focused on NTFS volumes. It supports reading partition info mbr, partition table, vbr but also information on bitlocker encrypted volume, EFS encrypted files and more. See below for some examples of the features! Features Forensics NTFSTool displays the complete...

7.7AI score
Exploits0References30
Kitploit
Kitploit
added 2021/09/27 8:30 p.m.39 views

StreamDivert - Redirecting (Specific) TCP, UDP And ICMP Traffic To Another Destination

StreamDivert is a tool to man-in-the-middle or relay in and outgoing network connections on a system. It has the ability to, for example, relay all incoming SMB connections to port 445 to another server, or only relay specific incoming SMB connections from a specific set of source IP's to another...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2021/09/26 11:30 a.m.39 views

DongTai - An Interactive Application Security testing(IAST) Product That Supports The Detection Of OWASP WEB TOP 10 Vulnerabilities, Multi-Request Related Vulnerabilities (Including Logic Vulnerabilities, Unauthorized Access Vulnerabilities, Etc.), Third-Party Component Vulnerabilities, Etc.

中文版本Chinese version About DongTai IAST DongTai IAST is an open-source passive interactive security testing IAST product. It uses dynamic hooks and taint tracking algorithms to achieve universalvulnerability detection and multiples request associated withvulnerability detection including but not...

7.5AI score
Exploits0References9
Kitploit
Kitploit
added 2021/09/15 8:30 p.m.39 views

Vailyn - A Phased, Evasive Path Traversal + LFI Scanning & Exploitation Tool In Python

Vailyn Phased Path Traversal & LFI Attacks Vailyn 3.0 Since v3.0, Vailyn supports LFI PHP wrappers in Phase 1. Use --lfi to include them in the scan. About Vailyn is a multi-phased vulnerability analysis and exploitation tool for path traversal and file inclusion vulnerabilities. It is built to...

7.5AI score
Exploits0References3
Kitploit
Kitploit
added 2021/09/01 9:30 p.m.39 views

403Bypasser - Automates The Techniques Used To Circumvent Access Control Restrictions On Target Pages

403bypasser automates the techniques used to circumvent access control restrictions on target pages. 403bypasser will continue to be improved and it is open to contributions. Installation 1. Clone the repository to your machine. git clone https://github.com/yunemse48/403bypasser.git 2. Install...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2021/06/15 9:30 p.m.39 views

TChopper - Conduct Lateral Movement Attack By Leveraging Unfiltered Services Display Name To Smuggle Binaries As Chunks Into The Target Machine

New technique I have discovered recently and give it a nickname Chop chop to perform lateral movement using windows services display name and WMI by smuggling the malicious binary as base64 chunks and automate the process using the TChopper tool. How it works the tool will get the file you willin...

7.6AI score
Exploits0References2
Kitploit
Kitploit
added 2021/06/08 12:30 p.m.39 views

Link - A Command And Control Framework Written In Rust

link is a command and control framework written in rust. Currently in beta. Introduction link provides MacOS, Linux and Windows implants which may lack the necessary evasive tradecraft provided by other more mature command and control frameworks. Tested on Linux only. Features Hopefully this list...

7.2AI score
Exploits0References10
Kitploit
Kitploit
added 2020/08/30 12:30 p.m.39 views

Iblessing - An iOS Security Exploiting Toolkit, It Mainly Includes Application Information Collection, Static Analysis And Dynamic Analysis

iblessing iblessing is an iOS security exploiting toolkit, it mainly includes application information collection , static analysis and dynamic analysis. iblessing is based on unicorn engine and capstone engine. Features Cross-platform: Tested on macOS and Ubuntu. iOS App static info extract,...

7.5AI score
Exploits0References16
Kitploit
Kitploit
added 2020/07/25 1:0 p.m.39 views

AuthMatrix - A Burp Suite Extension That Provides A Simple Way To Test Authorization

AuthMatrix is an extension to Burp Suite that provides a simple way to test authorization in web applications and web services. With AuthMatrix, testers focus on thoroughly defining tables of users, roles, and requests for their specific target application upfront. These tables are structured in ...

7.6AI score
Exploits0References2
Kitploit
Kitploit
added 2020/07/06 1:0 p.m.39 views

Faxhell - A Bind Shell Using The Fax Service And A DLL Hijack

A Proof-of-Concept bind shell using the Fax service and a DLL hijack based on Ualapi.dll. See our writeup at: https://windows-internals.com/faxing-your-way-to-system/ How to use Build Ualapi.dll and place in c:\windows\system32 Start the Fax service, which will load the DLL and call the export...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2020/04/08 12:0 p.m.39 views

Tentacle - A POC Vulnerability Verification And Exploit Framework

Tentacle is a POC vulnerability verification and exploit framework. It supports free extension of exploits and uses POC scripts. It supports calls to zoomeye, fofa, shodan and other APIs to perform bulk vulnerability verification for multiple targets. Still in DEV... Install pip3 install -r...

7.5AI score
Exploits0References3
Kitploit
Kitploit
added 2020/01/09 8:50 p.m.39 views

TuxResponse - Linux Incident Response

TuxResponse is incident response script for linux systems written in bash. It can automate incident response activities on Linux systems and enable you to triage systems quickly, while not compromising with the results. Usually corporate systems would have some kind of monitoring and control, but...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2018/08/23 9:11 p.m.39 views

SharpShooter - Payload Generation Framework

SharpShooter is a payload creation framework for the retrieval and execution of arbitrary CSharp source code. SharpShooter is capable of creating payloads in a variety of formats, including HTA, JS, VBS and WSF. It leverages James Forshaw's DotNetToJavaScript tool to invoke methods from the...

7AI score
Exploits0References3
Kitploit
Kitploit
added 2018/06/06 10:17 p.m.39 views

PhpSploit - Stealth Post-Exploitation Framework

PhpSploit is a remote control framework, aiming to provide a stealth interactive shell-like connection over HTTP between client and web server. It is a post-exploitation tool capable to maintain access to a compromised web server for privilege escalation purposes. Overview The obfuscated...

8.4AI score
Exploits0References1
Kitploit
Kitploit
added 2018/02/03 9:7 p.m.39 views

LSB-Steganography - Python program to steganography files into images using the Least Significant Bit

Python program based on stegonographical methods to hide files in images using the Least Significant Bit technique. I used the most basic method which is the least significant bit. A colour pixel is composed of red, green and blue, encoded on one byte. The idea is to store information in the firs...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2017/11/09 1:31 p.m.39 views

enum4linux - Tool for Enumerating Information from Windows and Samba Systems

A Linux alternative to enum.exe for enumerating data from Windows and Samba hosts. Enum4linux is a tool for enumerating information from Windows and Samba systems. It is written in Perl and is basically a wrapper around the Samba tools smbclient, rpclient, net and nmblookup. Key features RID...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2017/09/04 2:30 p.m.39 views

Luckystrike - A PowerShell based utility for the creation of malicious Office macro documents

A PowerShell based utility for the creation of malicious Office macro documents. To be used for pentesting or educational purposes only. Luckystrike is a menu-drive SET style PowerShell-based generator of malicious .xls and .doc documents. All your payloads are saved into a database for easy...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2017/07/24 11:31 p.m.39 views

HoneypotBuster - Microsoft PowerShell Module to Find HoneyPots and HoneyTokens in the Network

Microsoft PowerShell module designed for red teams that can be used to find honeypots and honeytokens in the network or at the host. CodeExecution Execute code on a target machine using Import-Module. Invoke-HoneypotBuster HoneypotBuster is a tool designed to spot Honey Tokens, Honey Bread Crumbs...

7.4AI score
Exploits0References1
Total number of security vulnerabilities5000