Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2020/09/16 11:30 a.m.37 views

Croc - Easily And Securely Send Things From One Computer To Another

croc is a tool that allows any two computers to simply and securely transfer files and folders. AFAIK, croc is the only CLI file-transfer tool does all of the following: allows any two computers to transfer data using a relay provides end-to-end encryption using PAKE enables easy cross-platform...

7.2AI score
Exploits0References29
Kitploit
Kitploit
added 2020/09/09 8:30 p.m.37 views

Anchore Engine - A Service That Analyzes Docker Images And Applies User-Defined Acceptance Policies To Allow Automated Container Image Validation And Certification

For the most up-to-date information on Anchore Engine, Anchore CLI, and other Anchore software, please refer to the Anchore Documentation The Anchore Engine is an open-source project that provides a centralized service for inspection, analysis, and certification of container images. The Anchore...

7AI score
Exploits0References4
Kitploit
Kitploit
added 2020/08/26 12:30 p.m.37 views

ezEmu - Simple Execution Of Commands For Defensive Tuning/Research

ezEmu enables users to test adversary behaviors via various execution techniques. Sort of like an "offensive framework for blue teamers ", ezEmu does not have any networking/C2 capabilities and rather focuses on creating local test telemetry. Windows See /Linux for ELF ezEmu is compiled as...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2020/07/17 9:30 p.m.37 views

Steganographer - Hide Files Or Data In Image Files

This Module will hide files inside images currenlty PNG and export the modified image to disk The maximum size of file which can be hidden inside an image depends on the dimension of the image. maxfilesize = heightofimage widthofimage 6 / 8 bytes '100k words.txt' is hidden in 'originalimage.png'...

7.1AI score
Exploits0References3
Kitploit
Kitploit
added 2020/07/14 12:30 p.m.37 views

X64Dbg - An Open-Source X64/X32 Debugger For Windows

An open-source binary debugger for Windows, aimed at malware analysis and reverse engineering of executables you do not have the source code for. There are many features available and a comprehensive plugin system to add your own. You can find more information on the blog! Screenshots Installatio...

7.3AI score
Exploits0References19
Kitploit
Kitploit
added 2019/08/18 10:10 p.m.37 views

Eyeballer - Convolutional Neural Network For Analyzing Pentest Screenshots

Give those screenshots of yours a quick eyeballing. Eyeballer is meant for large-scope network penetration tests where you need to find "interesting" targets from a huge set of web-based hosts. Go ahead and use your favorite screenshotting tool like normal EyeWitness or GoWitness and then run the...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2018/08/11 9:47 p.m.37 views

Lynis 2.6.7 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

6.9AI score
Exploits0
Kitploit
Kitploit
added 2018/08/07 2:35 p.m.37 views

Whatsapp Automation - A Collection Of Tools For Sending And Recieving Whatsapp Messages

Whatsapp Automation is a collection of APIs that interact with WhatsApp messenger running in an Android emulator, allowing developers to build projects that automate sending and receiving messages, adding new contacts and broadcasting messages multiple contacts. The project uses Selinium, Appium,...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2018/05/27 2:30 p.m.37 views

iOSRestrictionBruteForce v2.1.0 - Crack iOS Restriction Passcodes With Python

This version of the application is written in Python, which is used to crack the restriction passcode of an iPhone/iPad takes advantage of a flaw in unencrypted backups allowing the hash and salt to be discovered. DEPENDENCIES This has been tested with Python 2.7 and Python 3.6 Requires Passlib...

6.8AI score
Exploits0References2
Kitploit
Kitploit
added 2018/05/23 2:12 p.m.37 views

Dumpzilla - Extract All Forensic Interesting Information Of Firefox, Iceweasel And Seamonkey Browsers

Dumpzilla official site : www.dumpzilla.org http://www.dumpzilla.org "Mozilla browser forensic tool" Manual : Español http://dumpzilla.org/Manualdumpzillaes.txt "Manual en español de dumpzilla" / English http://dumpzilla.org/Manualdumpzillaen.txt "Dumpzilla english Manual" SO : Unix / Win...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2018/05/21 1:30 p.m.37 views

Airpydump - Analyze Wireless Packets On The Fly. Currently Supporting Three Working Modes (Reader, Live, Stealth)

Analyze Wireless Packets on the fly. Currently supporting three working Modes Reader, Live, Stealth Description airpydump is a wireless packet analyzer, providing the interface most likely that of airodump-ng from aircrack suite. It currently provides three working modes which are Reader, Stealth...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2018/04/19 12:46 p.m.37 views

Sandcat Browser 6.0 - Pentest And Developer-Oriented Web Browser

Sandcat is a lightweight multi-tabbed web browser that combines the speed and power of Chromium and Lua. Sandcat comes with built-in live headers, an extensible user interface and command line console, resource viewer, and many other features that are useful for web developers and pen-testers and...

6.9AI score
Exploits0References3
Kitploit
Kitploit
added 2017/11/11 1:39 p.m.37 views

TrevorC2 - Command and Control via Legitimate Behavior over HTTP

TrevorC2 is a client/server model for masking command and control through a normally browsable website. Detection becomes much harder as time intervals are different and does not use POST requests for data exfil. There are two components to TrevorC2 - the client and the server. The client can be...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2017/11/05 1:38 p.m.37 views

wig - WebApp Information Gatherer

wig is a web application information gathering tool, which can identify numerous Content Management Systems and other administrative applications. The application fingerprinting is based on checksums and string matching of known files for different versions of CMSes. This results in a score being...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2017/10/23 9:7 p.m.37 views

OWASP ZAP 2.6.0 - Penetration Testing Tool for Testing Web Applications

The OWASP Zed Attack Proxy ZAP is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It...

7.4AI score
Exploits0References12
Kitploit
Kitploit
added 2017/06/24 2:46 p.m.37 views

Viproy - VoIP Penetration Testing and Exploitation Kit

Viproy Voip Pen-Test Kit provides penetration testing modules for VoIP networks. It supports signalling analysis for SIP and Skinny protocols, IP phone services and network infrastructure. Viproy 2.0 is released at Blackhat Arsenal USA 2014 with TCP/TLS support for SIP, vendor extentions support,...

7.3AI score
Exploits0References5
Kitploit
Kitploit
added 2017/01/28 8:7 p.m.37 views

OWASP Security Shepherd - Web And Mobile Application Security Training Platform

The OWASP Security Shepherd Project is a web and mobile application security training platform. Security Shepherd has been designed to foster and improve security awareness among a varied skill-set demographic. The aim of this project is to take AppSec novices or experienced engineers and sharpen...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2017/01/03 2:48 p.m.37 views

mitmAP - Simple Tool to Create a Fake AP and Sniff Data

| / \ | \ | | / /\ | |/ / | ' | | | ' | || / | | | | | | | || | | | | | | | || | || || ||||| || || |/| 2.1 A python program to create a fake AP and sniff data. new in 2.0: SSLstrip2 for HSTS bypass Image capture with Driftnet TShark for command line .pcap capture Features: SSLstrip2 Driftnet...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2016/12/24 2:10 p.m.37 views

Hijacker - Aircrack, Airodump, Aireplay, MDK3 and Reaver GUI Application for Android

Hijacker is a Graphical User Interface for the wireless auditing tools airodump-ng, aireplay-ng and mdk3. It offers a simple and easy UI to use these tools without typing commands in a console and copy&pasting MAC addresses. This application requires an android device with a wireless adapter that...

7.8AI score
Exploits0References3
Kitploit
Kitploit
added 2016/10/23 1:30 p.m.37 views

Auto_EAP - Automated Brute-Force Login Attacks Against EAP Networks

AutoEAP.py is a script designed to perform automated brute-force authentication attacks against various types of EAP networks. These types of wireless networks provide an interface to facilitate password guessing of domain credentials as radius servers check authentication against Active Director...

7.6AI score
Exploits0References2
Kitploit
Kitploit
added 2016/09/08 2:35 p.m.37 views

DMitry - Deepmagic Information Gathering Tool

DMitry Deepmagic Information Gathering Tool is a UNIX/GNULinux Command Line Application coded in C language. DMitry has the ability to gather as much information as possible about a host. Base functionality is able to gather possible subdomains, email addresses, uptime information, tcp port scan,...

6.8AI score
Exploits0
Kitploit
Kitploit
added 2016/06/02 10:43 p.m.37 views

WifiChannelMonitor - Monitor APs and Wifi clients on selected channel (Monitor Mode) for Window

WifiChannelMonitor is a utility for Windows that captures wifi traffic on the channel you choose, using Microsoft Network Monitor capture driver in monitor mode, and displays extensive information about access points and the wifi clients connected to them. WifiChannelMonitor also allows you to vi...

6.8AI score
Exploits0
Kitploit
Kitploit
added 2016/04/26 10:12 p.m.37 views

PenQ - The Security Testing Browser Bundle

PenQ is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre-configured with security tools for spidering, advanced web searching, fingerprinting, anonymous browsing, web server scanning, fuzzing, report generating and many more. PenQ is not just ...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2016/03/15 10:21 p.m.37 views

SSLyze - Fast And Full-Featured SSL Scanner

SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL servers. Key features include: Multi-processed and multi-threaded...

7.6AI score
Exploits0References2
Kitploit
Kitploit
added 2016/02/18 10:30 p.m.37 views

PyScan-Scanner - Vulnerability Scanner With Custom Payload

REQUIRE urllib2 BeautifulSoup requests START Change database information $bdd = new PDO'mysql:host=localhost;dbname=pyscan', 'user', 'password'; Update a Python gate panelurl = "http://localhost/pyscan/" gatescraper = "cmd/gate.php" gatescanner = "cmd/scan.php" gatevuln = "cmd/vuln.php" gatepaylo...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2015/12/23 10:46 p.m.37 views

Cookiescanner - Tool to Check the Cookie Flag for a Multiple Sites

Tool to do more easy the web scan proccess to check if the secure and HTTPOnly flags are enabled in the cookies path and expires too. This tools allows probe multiple urls through a input file, by a google domain looking in all subdomains or by a unique url. Also, supports multiple output like...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2015/10/06 9:42 p.m.37 views

ZeroNet - Decentralized websites using Bitcoin crypto and BitTorrent network

Decentralized websites using Bitcoin crypto and the BitTorrent network - http://zeronet.io Why? We believe in open, free, and uncensored network and communication. No single point of failure: Site remains online so long as at least 1 peer serving it. No hosting costs: Sites are served by visitors...

7.8AI score
Exploits0References5
Kitploit
Kitploit
added 2015/04/04 11:20 p.m.37 views

Woodpecker hash Bruteforce - Multithreaded program to perform a brute-force attack against a hash

Woodpecker hash Bruteforce is a fast and easy-to-use multithreaded program to perform a brute-force attack against a hash. It supports many common hashing algorithms such as md5, sha1, etc. It runs on Windows and Mac OS. You can use dictionary, alphabet-based or random bruteforce. Here you can...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2015/02/19 10:30 p.m.37 views

SubBrute - Subdomain Bruteforcer

SubBrute is a community driven project with the goal of creating the fastest, and most accurate subdomain enumeration tool. Some of the magic behind SubBrute is that it uses open resolvers as a kind of proxy to circumvent DNS rate-limiting https://www.us-cert.gov/ncas/alerts/TA13-088A. This desig...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2014/04/22 5:16 p.m.37 views

Instant PDF Password Remover v3.5 - Free PDF Password & Restrictions Removal Tool

Instant PDF Password Remover is the FREE tool to instantly remove Password of protected PDF document. It can remove both User & Owner password along with all PDF file restrictions such as Copy, Printing, Screen Reader etc. Often we receive password protected PDF documents in the form of mobile...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2014/03/02 9:13 p.m.37 views

[Responder] a LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server

Responder is a LLMNR and NBT-NS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. This tool is first an LLMNR and NBT-NS responder, it will answer to specific NBT-NS NetBIOS Name...

7.9AI score
Exploits0References3
Kitploit
Kitploit
added 2013/12/31 4:44 p.m.37 views

[Watcher] passive Web-security scanner

Watcher is a runtime passive-analysis tool for HTTP-based Web applications. Being passive means it won't damage production systems, it's completely safe to use in Cloud computing, shared hosting, and dedicated hosting environments. Watcher detects Web-application security issues as well as...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2013/12/20 5:27 p.m.37 views

[SSLDigger v1.02] Tool to assess the strength of SSL

SSLDigger v1.02 is a tool to assess the strength of SSL servers by testing the ciphers supported. Some of these ciphers are known to be insecure. Features: full Browser Support using Microsoft Internet Explorer Browser Control support for operating the tool in batch modefor operating on multiple...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2013/06/19 3:14 a.m.37 views

[Dradis Pro v1.7] Framework to enable effective information sharing

Dradis Pro is framework to enable effective information sharing, specially during security assessments. Dradis is a self-contained web application that provides a centralised repository of information to keep track of what has been done so far, and what is still ahead. Changelog v1.7 This is the...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2013/01/09 6:47 a.m.37 views

36 Windows Tools For Penetration Testing

Most penetration testers are using either a Mac or a Linux-based platform in order to perform their penetration testing activities.However it is always a good practice to have and a Windows virtual machine with some tools ready to be used for the engagement.The reason for this is that although...

7.9AI score
Exploits0
Kitploit
Kitploit
added 2024/03/12 11:38 p.m.36 views

Gtfocli - GTFO Command Line Interface For Easy Binaries Search Commands That Can Be Used To Bypass Local Security Restrictions In Misconfigured Systems

GTFOcli it's a Command Line Interface for easy binaries search commands that can be used to bypass local security restrictions in misconfigured systems. Installation Using go: go install github.com/cmd-tools/gtfocli@latest Using homebrew: brew tap cmd-tools/homebrew-tap brew install gtfocli Using...

7.5AI score
Exploits0References3
Kitploit
Kitploit
added 2024/01/27 11:30 a.m.36 views

Route-Detect - Find Authentication (Authn) And Authorization (Authz) Security Bugs In Web Application Routes

Find authentication authn and authorization authz security bugs in web application routes: Web application HTTP route authn and authz bugs are some of the most common security issues found today. These industry standard resources highlight the severity of the issue: 2021 OWASP Top 10 1 - Broken...

7.7AI score
Exploits0References3
Kitploit
Kitploit
added 2023/12/21 11:30 a.m.36 views

Linpmem - A Physical Memory Acquisition Tool For Linux

Like its Windows counterpart, Winpmem, this is not a traditional memory dumper. Linpmem offers an API for reading from any physical address, including reserved memory and memory holes , but it can also be used for normal memory dumping. Furthermore, the driver offers a variety of access modes to...

6.6AI score
Exploits0References8
Kitploit
Kitploit
added 2023/12/06 7:48 p.m.36 views

Kali Linux 2023.4 - Penetration Testing and Ethical Hacking Linux Distribution

Time for another Kali Linux release! – Kali Linux 2023.4. This release has various impressive updates. The summary of the changelog since the 2023.3 release from August is: Cloud ARM64 - Now marketplaces on Amazon AWS and Microsoft Azure have ARM64 option Vagrant Hyper-V - Our Vagrant offering...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2023/10/13 12:29 p.m.36 views

Pyxamstore - Python Utility For Parsing Xamarin AssemblyStore Blob Files

This is an alpha release of an assemblies.blob AssemblyStore parser written in Python. The tool is capable of unpack and repackaging assemblies.blob and assemblies.manifest Xamarin files from an APK. Installing Run the installer script: python setup.py install You can then use the tool by calling...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2023/09/17 11:30 a.m.36 views

Promptmap - Automatically Tests Prompt Injection Attacks On ChatGPT Instances

Prompt injection is a type of security vulnerability that can be exploited to control the behavior of a ChatGPT instance. By injecting malicious prompts into the system, an attacker can force the ChatGPT instance to do unintended actions. promptmap is a tool that automatically tests prompt...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2023/08/22 12:30 p.m.36 views

AD_Enumeration_Hunt - Collection Of PowerShell Scripts And Commands That Can Be Used For Active Directory (AD) Penetration Testing And Security Assessment

Description Welcome to the AD Pentesting Toolkit! This repository contains a collection of PowerShell scripts and commands that can be used for Active Directory AD penetration testing and security assessment. The scripts cover various aspects of AD enumeration, user and group management, computer...

7.4AI score
Exploits0References3
Kitploit
Kitploit
added 2023/07/25 1:14 p.m.36 views

Wallet-Transaction-Monitor - This Script Monitors A Bitcoin Wallet Address And Notifies The User When There Are Changes In The Balance Or New Transactions

This script monitors a Bitcoin wallet address and notifies the user when there are changes in the balance or new transactions. It provides real-time updates on incoming and outgoing transactions, along with the corresponding amounts and timestamps. Additionally, it can play a sound notification o...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2023/06/04 12:30 p.m.36 views

MAAD-AF - MAAD Attack Framework - An Attack Tool For Simple, Fast And Effective Security Testing Of M365 And Azure AD

MAAD-AF is an open-source cloud attack tool developed for testing security of Microsoft 365 & Azure AD environments through adversary emulation. MAAD-AF provides security practitioners easy to use attack modules to exploit configurations across different M365/AzureAD cloud-based tools & services...

7.6AI score
Exploits0References2
Kitploit
Kitploit
added 2023/04/25 12:30 p.m.36 views

auditpolCIS - CIS Benchmark Testing Of Windows SIEM Configuration

CIS Benchmark testing of Windows SIEM configuration This is an application for testing the configuration of Windows Audit Policy settings against the CIS Benchmark recommended settings. A few points: The tested system was Windows Server 2019, and the benchmark used was also Windows Server 2019. T...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2023/04/09 12:30 p.m.36 views

SilentMoonwalk - PoC Implementation Of A Fully Dynamic Call Stack Spoofer

PoC Implementation of a fully dynamic call stack spoofer TL;DR SilentMoonwalk is a PoC implementation of a fully dynamic call stack spoofer, implementing a technique to remove the original caller from the call stack, using ROP to desynchronize unwinding from control flow. Authors This PoC is the...

7.2AI score
Exploits0References7
Kitploit
Kitploit
added 2023/03/18 11:30 a.m.36 views

Ator - Authentication Token Obtain and Replace Extender

The plugin is created to help automated scanning using Burp in the following scenarios: 1. Access/Refresh token 2. Token replacement in XML,JSON body 3. Token replacement in cookies The above can be achieved using complex macro, session rules or Custom Extender in some scenarios. The rules become...

7.8AI score
Exploits0References4
Kitploit
Kitploit
added 2023/03/13 11:30 a.m.36 views

Graphicator - A GraphQL Enumeration And Extraction Tool

Graphicator is a GraphQL "scraper" / extractor. The tool iterates over the introspection document returned by the targeted GraphQL endpoint, and then re-structures the schema in an internal form so it can re-create the supported queries. When such queries are created is using them to send request...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2023/02/14 11:30 a.m.36 views

Invoke-Transfer - PowerShell Clipboard Data Transfer

Invoke-Transfer Invoke-Transfer is a PowerShell Clipboard Data Transfer. This tool helps you to send files in highly restricted environments such as Citrix, RDP, VNC, Guacamole.. using the clipboard function. As long as you can send text through the clipboard, you can send files in text format, i...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2023/01/22 11:30 a.m.36 views

Popeye - A Kubernetes Cluster Resource Sanitizer

Popeye - A Kubernetes Cluster Sanitizer Popeye is a utility that scans live Kubernetes cluster and reports potential issues with deployed resources and configurations. It sanitizes your cluster based on what's deployed and not what's sitting on disk. By scanning your cluster, it detects...

6.7AI score
Exploits0References7
Total number of security vulnerabilities5000