Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2016/05/02 10:28 p.m.36 views

BlackArch Linux v2016.04.28 - Penetration Testing Distribution

BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers. The repository contains 1410 tools. You can install tools individually or in groups. BlackArch Linux is compatible with existing Arch installs. ChangeLog: added new improved BlackArch Linux...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2016/04/13 10:12 p.m.36 views

OnionScan - Onion Services Security Scan

The purpose of this tool is to make you a better onion service provider. You owe it to yourself and your users to ensure that attackers cannot easily exploit and deanonymize. Go Dependencies h12.me/socks - For the Tor SOCKS Proxy connection. github.com/xiam/exif - For EXIF data extraction...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2015/12/21 10:16 p.m.36 views

YaVol - GUI for Volatility Framework and Yara

This is just another GUI for volatility and yara which could make someone's life easier. It is inteded for Incident responders for quick examination of a memory image. Results are stored in sqlite db for reuse. 1. Installation Clone repo git clone https://[email protected]/Ft44k/yavol.git...

7AI score
Exploits0References2
Kitploit
Kitploit
added 2015/07/23 2:1 p.m.36 views

Lynis 2.1.1 - Security Auditing Tool for Unix/Linux Systems

Lynis is an open source security auditing tool. Commonly used by system administrators, security professionals and auditors, to evaluate the security defenses of their Linux/Unix based systems. It runs on the host itself, so it can perform very extensive security scans. Supported operating system...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2015/06/04 4:10 p.m.36 views

PentestBox - Portable Penetration Testing Distribution for Windows Environments

PentestBox is not like other Penetration Testing Distributions which runs on virtual machines. It is created because more than 50% of penetration testing distributions users uses windows. So it provides an efficient platform for Penetration Testing on windows platform. Check out demo video: Easy ...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2014/11/24 11:20 p.m.36 views

Crunch - Password Cracking Wordlist Generator

Crunch is a wordlist generator where you can specify a standard character set or a character set you specify. crunch can generate all possible combinations and permutations. Features crunch generates wordlists in both combination and permutation ways it can breakup output by number of lines or fi...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2014/04/01 10:5 p.m.36 views

SNMPCheck - Enumerate the SNMP devices

Like to snmpwalk, snmpcheck allows you to enumerate the SNMP devices and places the output in a very human readable friendly format. It could be useful for penetration testing or systems monitoring. Distributed under GPL license and based on "Athena-2k" script by jshaw. Features snmpcheck support...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2013/12/23 4:9 p.m.36 views

[Rhino] Java Script Deobfuscate Tool

Rhino is an open-source implementation of JavaScript written entirely in Java. It is typically embedded into Java applications to provide scripting to end users. It is embedded in J2SE 6 as the default Java scripting engine. Rhino-debugger is a Graphical User Interface GUI that enables to debug...

6.8AI score
Exploits0
Kitploit
Kitploit
added 2013/12/18 12:38 a.m.36 views

[Hasere v0.2] Discover vHosts using Google and Bing

Hasere is a tool that can discovery the virtual hosts and related filetype using google and bing search engines. Optionally, it uses the nmap to determine the ip addresses which have 80 or 443 opened port. After that it uses the bing search engine to determine which domains were hosted or have be...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2013/08/29 1:11 a.m.36 views

[Resolver v1.0.9] The reverse/bruteforce DNS lookup

Resolver is a windows based tool which designed to preform a reverse DNS Lookup for a given IP address or for a range of IP’s in order to find its PTR. Updated to Version 1.0.3 added dns records brute force. Resolver features: Resolve a Single IP Resolve an IP Range Resolve IP’s provided in a tex...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2013/08/23 3:10 a.m.36 views

[GoLismero v2.0] The Web Knife

GoLismero is an open source framework for security testing. It's currently geared towards web security, but it can easily be expanded to other kinds of scans. The most interesting features of the framework are: Real platform independence. Tested on Windows, Linux, BSD and OS X. No native library...

7AI score
Exploits0
Kitploit
Kitploit
added 2013/07/24 12:10 a.m.36 views

[HconSTF Pentest Browser] Open Source Penetration Testing / Ethical Hacking Framework

HconSTF is Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessments.contains webtools which are powerful in doing xsscross site scripting, Sql injection,...

7AI score
Exploits0
Kitploit
Kitploit
added 2013/07/04 2:10 a.m.36 views

[Zarp v0.1.2] The Python Network Attack Tool

Zarp is a network attack tool centered around the exploitation of local networks. This does not include system exploitation, but rather abusing networking protocols and stacks to take over, infiltrate, and knock out. Sessions can be managed to quickly poison and sniff multiple systems at once,...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2013/01/09 3:24 a.m.36 views

[Netcat] Howto Banner Grabbing, Bind Shell, Reverse Shell And Webserver

Netcat HowTo Banner Grabbing, Bind Shell, Reverse Shell and Webserver Netcat is a computer networking service for reading from and writing network connections using TCP or UDP. Netcat is designed to be a dependable "back-end" device that can be used directly or easily driven by other programs and...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2012/12/29 7:13 p.m.36 views

[Stegano 0.4] Python Steganography Module

Stéganô is a Python Steganography module. Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message, a form of security through obscurity. Consequently, functions provided by Stéga...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2012/11/07 5:32 p.m.36 views

[Dissy] Graphical frontend to the objdump disassembler

Dissy is a graphical frontend to the objdump disassembler. Dissy can be used for debugging and browsing compiler-generated code. Download Dissy...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2024/05/21 12:30 p.m.35 views

Vger - An Interactive CLI Application For Interacting With Authenticated Jupyter Instances

V'ger is an interactive command-line application for post-exploitation of authenticated Jupyter instances with a focus on AI/ML security operations. User Stories As a Red Teamer , you've found Jupyter credentials, but don't know what you can do with them. V'ger is organized in a format that shoul...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2024/05/17 12:30 p.m.35 views

ShellSweep - PowerShell/Python/Lua Tool Designed To Detect Potential Webshell Files In A Specified Directory

ShellSweep ShellSweeping the evil Why ShellSweep "ShellSweep" is a PowerShell/Python/Lua tool designed to detect potential webshell files in a specified directory. ShellSheep and it's suite of tools calculate the entropy of file contents to estimate the likelihood of a file being a webshell. High...

6.6AI score
Exploits0References1
Kitploit
Kitploit
added 2024/05/04 12:30 p.m.35 views

JS-Tap - JavaScript Payload And Supporting Software To Be Used As XSS Payload Or Post Exploitation Implant To Monitor Users As They Use The Targeted Application

JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom JavaScript payloads in clients. Changelogs Major changes are documented in the project Announcements:...

5.9AI score
Exploits0References2
Kitploit
Kitploit
added 2024/01/26 11:30 a.m.35 views

Ligolo-Ng - An Advanced, Yet Simple, Tunneling/Pivoting Tool That Uses A TUN Interface

Ligolo-ng is a simple , lightweight and fast tool that allows pentesters to establish tunnels from a reverse TCP/TLS connection using a tun interface without the need of SOCKS. Features Tun interface No more SOCKS! Simple UI with agent selection and network information Easy to use and setup...

7.4AI score
Exploits0References2
Kitploit
Kitploit
added 2023/12/12 11:30 a.m.35 views

NetProbe - Network Probe

NetProbe is a tool you can use to scan for devices on your network. The program sends ARP requests to any IP address on your network and lists the IP addresses, MAC addresses, manufacturers, and device models of the responding devices. Features Scan for devices on a specified IP address or subnet...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2023/12/07 11:30 a.m.35 views

BlueBunny - BLE Based C2 For Hak5's Bash Bunny

C2 solution that communicates directly over Bluetooth-Low-Energy with your Bash Bunny Mark II. Send your Bash Bunny all the instructions it needs just over the air. Overview Structure Installation & Start 1. Install required dependencies pip install pygatt "pygattGATTTOOL" Make sure BlueZ is...

7.8AI score
Exploits0References1
Kitploit
Kitploit
added 2023/12/03 11:30 a.m.35 views

NimExec - Fileless Command Execution For Lateral Movement In Nim

Basically, NimExec is a fileless remote command execution tool that uses The Service Control Manager Remote Protocol MS-SCMR. It changes the binary path of a random or given service run by LocalSystem to execute the given command on the target and restores it later via hand-crafted RPC packets...

8.4AI score
Exploits0References4
Kitploit
Kitploit
added 2023/11/24 11:30 a.m.35 views

Iac-Scan-Runner - Service That Scans Your Infrastructure As Code For Common Vulnerabilities

Service that scans your Infrastructure as Code for common vulnerabilities. Aspect | Information ---|--- Tool name | IaC Scan Runner Docker image | xscanner/runner PyPI package | iac-scan-runner Documentation | docs Contact us | [email protected] Purpose and description The IaC Scan Runner is...

7.6AI score
Exploits0References2
Kitploit
Kitploit
added 2023/11/13 11:30 a.m.35 views

Hades-C2 - Hades Basic Command And Control Server

Hades is a basic Command & Control server built using Python. It is currently extremely bare bones, but I plan to add more features soon. Features are a work in progress currently. This is a project made mostly for me to learn Malware Development, Sockets, and C2 infrastructure setups. Currently,...

7.7AI score
Exploits0References6
Kitploit
Kitploit
added 2023/09/19 11:30 a.m.35 views

SMShell - Send Commands And Receive Responses Over SMS From Mobile Broadband Capable Computers

PoC for an SMS-based shell. Send commands and receive responses over SMS from mobile broadband capable computers. This tool came as an insipiration during a research on eSIM security implications led by Markus Vervier, presented at Offensivecon 2023 Disclaimer This is not a complete C2 but rather...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2023/08/03 12:30 p.m.35 views

PrivKit - Simple Beacon Object File That Detects Privilege Escalation Vulnerabilities Caused By Misconfigurations On Windows OS

PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS. PrivKit detects following misconfigurations Checks for Unquoted Service Paths Checks for Autologon Registry Keys Checks for Always Install Elevated Registry Keys...

7.7AI score
Exploits0References5
Kitploit
Kitploit
added 2023/07/11 12:30 p.m.35 views

yaraQA - YARA Rule Analyzer To Improve Rule Quality And Performance

YARA rule Analyzer to improve rule quality and performance Why? YARA rules can be syntactically correct but still dysfunctional. yaraQA tries to find and report these issues to the author or maintainer of a YARA rule set. The issues yaraQA tries to detect are e.g.: rules that are syntactically...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2023/06/07 12:30 p.m.35 views

LinkedInDumper - Tool To Dump Company Employees From LinkedIn API

Python 3 script to dump company employees from LinkedIn API Description LinkedInDumper is a Python 3 script that dumps employee data from the LinkedIn social networking platform. The results contain firstname, lastname, position title, location and a user's profile link. Only 2 API calls are...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2023/05/19 12:30 p.m.35 views

KoodousFinder - A Simple Tool To Allows Users To Search For And Analyze Android Apps For Potential Security Threats And Vulnerabilities

A simple tool to allows users to search for and analyze android apps for potential security threats and vulnerabilities Account and API Key Create a Koodous account and get your api key https://koodous.com/settings/developers Install $ pip install koodousfinder Arguments Param | description ---|-...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2023/02/21 11:30 a.m.35 views

Reverseip_Py - Domain Parser For IPAddress.com Reverse IP Lookup

Domain parser for IPAddress.com Reverse IP Lookup. Writen in Python 3. What is Reverse IP? Reverse IP refers to the process of looking up all the domain names that are hosted on a particular IP address. This can be useful for a variety of reasons, such as identifying all the websites that are...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2022/12/12 11:30 a.m.35 views

Legitify - Detect And Remediate Misconfigurations And Security Risks Across All Your GitHub Assets

Strengthen the security posture of your GitHub organization! Detect and remediate misconfigurations, security and compliance issues across all your GitHub assets with ease Installation 1. You can download the latest legitify release from https://github.com/Legit-Labs/legitify/releases, each archi...

7.5AI score
Exploits0References11
Kitploit
Kitploit
added 2022/12/07 11:30 a.m.35 views

Pylirt - Python Linux Incident Response Toolkit

With this application, it is aimed to accelerate the incident response processes by collecting information in linux operating systems. Features Information is collected in the following contents. /etc/passwd cat /etc/group cat /etc/sudoers lastlog cat /var/log/auth.log uptime/proc/meminfo ps aux...

7AI score
Exploits0References3
Kitploit
Kitploit
added 2022/11/03 11:30 a.m.35 views

VuCSA - Vulnerable Client-Server Application - Made For Learning/Presenting How To Perform Penetration Tests Of Non-Http Thick Clients

Vulnerable Client-Server Application Vulnerable client-server application VuCSA is made for learning/presenting how to perform penetration tests of non-http thick clients. It is written in Java with JavaFX graphical user interface. Currently the vulnerable application contains the following...

8AI score
Exploits0References1
Kitploit
Kitploit
added 2022/09/21 11:30 a.m.35 views

NimGetSyscallStub - Get Fresh Syscalls From A Fresh Ntdll.Dll Copy

Get fresh Syscalls from a fresh ntdll.dll copy. This code can be used as an alternative to the already published awesome tools NimlineWhispers and NimlineWhispers2 by @ajpc500 or ParallelNimcalls. The advantage of grabbing Syscalls dynamically is, that the signature of the Stubs is not included i...

7.5AI score
Exploits0References4
Kitploit
Kitploit
added 2022/06/27 12:30 p.m.35 views

EmoCheck - Emotet Detection Tool For Windows OS

Emotet detection tool for Windows OS. How to use 1. Download EmoCheck from the Releases page. 2. Run EmoCheck on the host. 3. Check the exported report. Download Please download from the Releases page. Command options since v0.0.2 Specify output directory for the report default: current directory...

7.5AI score
Exploits0References4
Kitploit
Kitploit
added 2022/06/26 9:30 p.m.35 views

Sealighter - Easy ETW Tracing for Security Research

I created this project to help non-developers dive into researching Event Tracing for Windows ETW and Windows PreProcessor Tracing WPP. Features Subscribe to multiple ETW and WPP Providers at once Automatically parse events into JSON without needing to know format Robust Event filtering including...

7.3AI score
Exploits0References13
Kitploit
Kitploit
added 2022/06/19 12:30 p.m.35 views

Cervantes - Collaborative Platform For Pentesters Or Red Teams Who Want To Save Time To Manage Their Projects, Clients, Vulnerabilities And Reports In One Place

Cervantes is an opensource collaborative platform for pentesters or red teams who want to save time to manage their projects, clients, vulnerabilities and reports in one place. Features OpenSource Multiplatform Multilanguage Team Collaboration BuiltIn dashbaords and analytics Manage your clients...

7.6AI score
Exploits0References3
Kitploit
Kitploit
added 2022/06/16 9:30 p.m.35 views

Frostbyte - FrostByte Is A POC Project That Combines Different Defense Evasion Techniques To Build Better Redteam Payloads

FrostByte Progolue: In the past few days I've been experimenting with the AppDomain manager injection technique had a decent success with it in my previous Red Team engagements against certain EDRs. Although, this is really good for initial access vector, I wanted to release a POC which will help...

8.5AI score
Exploits0References7
Kitploit
Kitploit
added 2022/06/04 10:30 p.m.35 views

COM-Hunter - COM Hijacking VOODOO

COM Hijacking VOODOO COM-hunter is a COM Hijacking persistnce tool written in C. This tool was inspired during the RTO course of @zeropointsecltd Features Finds out entry valid CLSIDs in the victim's machine. Finds out valid CLSIDs via Task Scheduler in the victim's machine. Finds out if someone...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2022/05/27 12:30 p.m.35 views

Ransomware-Simulator - Ransomware Simulator Written In Golang

The goal of this repository is to provide a simple, harmless way to check your AV's protection on ransomware. This tool simulates typical ransomware behaviour, such as: Staging from a Word document macro Deleting Volume Shadow Copies Encrypting documents embedded and dropped by the simulator into...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2022/05/23 9:30 p.m.35 views

Frelatage - The Python Fuzzer That The World Deserves

pip3 install frelatage Current release :0.0.7 Frelatage is a coverage-based Python fuzzing library which can be used to fuzz python code. The development of Frelatage was inspired by various other fuzzers, including AFL/AFL++, Atheris and PythonFuzz. The main purpose of the project is to take...

7AI score
Exploits0References13
Kitploit
Kitploit
added 2022/04/22 12:30 p.m.35 views

Sub3Suite - A Free, Open Source, Cross Platform Intelligence Gathering Tool

Sub3 Suite is a research-grade suite of tools for Subdomain Enumeration, OSINT Information gathering & Attack Surface Mapping. Supports both manual and automated analysis on variety of target types with many available features & tools. For more information checkout the documentation Screenshots...

6.9AI score
Exploits0References13
Kitploit
Kitploit
added 2022/04/19 9:30 p.m.35 views

Smap - A Drop-In Replacement For Nmap Powered By Shodan.Io

Smap is a replica of Nmap which uses shodan.io's free API for port scanning. It takes same command line arguments as Nmap and produces the same output which makes it a drop-in replacament for Nmap. Features Scans 200 hosts per second Doesn't require any account/api key Vulnerability detection...

7.5AI score
Exploits0References2
Kitploit
Kitploit
added 2022/04/10 12:30 p.m.35 views

Poro - Scan Publicly Accessible Assets On Your AWS Cloud Environment

Scan for publicly accessible assets on your AWS environment Services covered by this tool: AWS ELB API Gateway S3 Buckets RDS Databases EC2 instances Redshift Databases Poro also check if a tag you specify is applied to identified public resources using --tag-key and --tag-value arguments...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2022/02/27 8:30 p.m.35 views

DRAKVUF Sandbox - Automated Hypervisor-Level Malware Analysis System

DRAKVUF Sandbox is an automated black-box malware analysis system with DRAKVUF engine under the hood, which does not require an agent on guest OS. This project provides you with a friendly web interface that allows you to upload suspicious files to be analyzed. Once the sandboxing job is finished...

7.1AI score
Exploits0References6
Kitploit
Kitploit
added 2022/02/19 11:30 a.m.35 views

Talisman - By Hooking Into The Pre-Push Hook Provided By Git, Talisman Validates The Outgoing Changeset For Things That Look Suspicious

A tool to detect and prevent secrets from getting checked in What is Talisman? Talisman is a tool that installs a hook to your repository to ensure that potential secrets or sensitive information do not leave the developer's workstation. It validates the outgoing changeset for things that look...

6.5AI score
Exploits0References12
Kitploit
Kitploit
added 2022/01/31 8:30 p.m.35 views

RecoverPy - Interactively Find And Recover Deleted Or Overwritten Files From Your Terminal

You can already find plenty of solutions to recover deleted files, but it can be a hassle to recover overwritten files. RecoverPy searches through every block of your partition to find your request. Demo Installation  RecoverPy is currently only available on Linux systems. Dependancies Mandatory...

7.1AI score
Exploits0References3
Kitploit
Kitploit
added 2021/12/05 11:30 a.m.35 views

AirStrike - Automatically Grab And Crack WPA-2 Handshakes With Distributed Client-Server Architecture

Tool that automates cracking of WPA-2 Wi-Fi credentials using client-server architecture Requirements Airstrike uses Hashcat Brain Architecture, aircrack-ng suite, entr utility and some helper scripts. You can use install.sh script to download all dependencies if you're on system which has an...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2021/10/23 8:30 p.m.35 views

SysFlow - Cloud-native System Telemetry Pipeline

This repository hosts the documentation and issue tracker for all SysFlow projects. Quick reference Documentation : the SysFlow Documentation Where to get help : the SysFlow Community Slack Where to file issues : the github issue tracker Source of this description : repo's readme history Docker...

6.8AI score
Exploits0References11
Total number of security vulnerabilities5000