Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2018/06/18 10:23 p.m.30 views

SubOver v1.1.1 - A Powerful Subdomain Takeover Tool

Subover is a Hostile Subdomain Takeover tool originally written in python but rewritten from scratch in Golang. Since it's redesign, it has been aimed with speed and efficiency in mind. Till date, SubOver detects 30+ services which is much more than any other tool out there. The tool uses Golang...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2018/05/30 10:11 p.m.30 views

Prowler - Distributed Network Vulnerability Scanner

Prowler is a Network Vulnerability Scanner implemented on a Raspberry Pi Cluster, first developed during Singapore Infosec Community Hackathon - HackSmith v1.0. Capabilities Scan a network a particular subnet or a list of IP addresses for all IP addresses associated with active network devices...

7.6AI score
Exploits0References5
Kitploit
Kitploit
added 2018/05/05 1:12 p.m.30 views

SpookFlare v2.0 - Loader, Dropper Generator With Multiple Features For Bypassing Client-Side And Network-Side Countermeasures

SpookFlare has a different perspective to bypass security measures and it gives you the opportunity to bypass the endpoint countermeasures at the client-side detection and network-side detection. SpookFlare is a loader/dropper generator for Meterpreter, Empire, Koadic etc. SpookFlare has...

7.8AI score
Exploits0References6
Kitploit
Kitploit
added 2018/04/06 8:39 p.m.30 views

C5Scan - Vulnerability Scanner And Information Gatherer For The Concrete5 CMS

Vulnerability scanner and information gatherer for the Concrete5 CMS. Is a little out of date presently pending a refactor. concrete5 is an open-source content management system CMS for publishing content on the World Wide Web and intranets. concrete5 is designed for ease of use, for users with a...

8.1AI score
Exploits0References1
Kitploit
Kitploit
added 2018/03/14 12:55 p.m.31 views

JoomScan 0.0.5 - OWASP Joomla Vulnerability Scanner Project

OWASP JoomScan short for Joomla Vulnerability Scanner is an opensource project in perl programming language to detect Joomla CMS vulnerabilities and analysis them. WHY OWASP JOOMSCAN ? If you want to do a penetration test on a Joomla CMS, OWASP JoomScan is Your best shot ever! This Project is bei...

7.6AI score
Exploits0References1
Kitploit
Kitploit
added 2018/01/20 1:23 p.m.30 views

Autorize - Automatic Authorization Enforcement Detection Extension For Burp Suite

Autorize is an automatic authorization enforcement detection extension for Burp Suite. It was written in Python by Barak Tawily, an application security expert, and Federico Dotta, a security expert at Mediaservice.net. Autorize was designed to help security testers by performing automatic...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2017/12/26 1:30 p.m.30 views

BruteSpray v1.6.0 - Brute-Forcing from Nmap output (Automatically attempts default creds on found services)

BruteSpray takes nmap GNMAP/XML output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap. Installation pip install -r requirements.txt On Kali: apt-get install brutespray Usage First do an nmap...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2017/10/21 1:58 p.m.30 views

MIDA-Multitool - Bash Script Purposed For System Enumeration, Vulnerability Identification And Privilege Escalation

Bash script purposed for system enumeration, vulnerability identification and privilege escalation. MIDA Multitool draws functionality from several of my previous scripts namely SysEnum and RootHelper and is in many regards RootHelpers successor. Besides functionality from these two previous...

7AI score
Exploits0References13
Kitploit
Kitploit
added 2017/09/17 9:30 p.m.30 views

Reaver - Attack against Wi-Fi Protected Setup (WPS)

Reaver has been designed to be a robust and practical attack against Wi-Fi Protected Setup WPS registrar PINs in order to recover WPA/WPA2 passphrases. It has been tested against a wide variety of access points and WPS implementations. The original Reaver implements a online brute force attack...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2017/09/16 2:30 p.m.30 views

OWASP ZSC - Shellcode/Obfuscate Code Generator

OWASP ZSC is an open source software in Python language which lets you generate customized shellcodes and convert scripts to an obfuscated script. This software can be run on Windows/Linux/OSX under Python. Usage of shellcodes Shellcodes are small codes in Assembly language which could be used as...

7.5AI score
Exploits0References3
Kitploit
Kitploit
added 2017/08/10 10:43 p.m.30 views

Pafish - Tool to Detect Sandboxes and Analysis Environments in the Same Way as Malware Families Do

Pafish is a demonstration tool that employs several techniques to detect sandboxes and analysis environments in the same way as malware families do. The project is open source, you can read the code of all anti-analysis checks. Scope The objective of this project is to collect usual tricks seen i...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2017/04/09 5:24 p.m.30 views

Nix-Auditor - Nix Audit Made Easier

A script to audit linux and unix distributions based mainly on the CIS standards and universal linux hardening guidelines. The value it brings to your auditing set of tools is: Speed - one can audit OS in less than 120 seconds and get report Accuracy - tested on CentOS and RedHat with 100% accura...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2017/04/03 1:23 p.m.30 views

nRF24 Playset - Software tools for Nordic Semiconductor nRF24-based Devices like Wireless Keyboards, Mice, and Presenters

The nRF24 Playset is a collection of software tools for wireless input devices like keyboards, mice, and presenters based on Nordic Semiconductor nRF24 transceivers, e.g. nRF24LE1 and nRF24LU1+. All software tools support USB dongles with the nrf-research-firmware by the Bastille Threat...

7.8AI score
Exploits0References2
Kitploit
Kitploit
added 2017/03/26 2:30 p.m.30 views

mosh - Mobile Shell replacement for SSH (more robust and responsive, especially over Wi-Fi, cellular, and long-distance links)

Mosh is a remote terminal application that supports intermittent connectivity, allows roaming, and provides speculative local echo and line editing of user keystrokes. It aims to support the typical interactive uses of SSH, plus: Mosh keeps the session alive if the client goes to sleep and wakes ...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2017/01/10 2:23 p.m.30 views

AutoLocalPrivilegeEscalation - An automated script that download potential exploit for linux kernel from exploitdb, and compile them automatically

An automated script that download potential exploit for linux kernel from exploitdb, and compile them automatically This script is created due to Hackademics, there are so much possible exploit for that version of kernel, as a rookie OSCP student, I am not able to find out the correct exploit, al...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2017/01/07 2:5 p.m.30 views

Snuck - Automatic XSS filter bypass

snuck is an automated tool that can definitely help in finding XSS vulnerabilities in web applications. It is based on Selenium and supports Mozilla Firefox, Google Chrome and Internet Explorer. The approach, it adopts, is based on the inspection of the injection reflection context and relies on ...

6.8AI score
Exploits0References1
Kitploit
Kitploit
added 2016/12/31 2:2 p.m.30 views

Commix 1.6 - Automated All-In-One OS Command Injection And Exploitation Tool

Commix short for comm and i njection e x ploiter is an automated tool written by Anastasios Stasinopoulos @ancst that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities...

8.3AI score
Exploits0References15
Kitploit
Kitploit
added 2016/08/30 1:6 p.m.30 views

libenom - Make Fast and Easy Payloads with MSFvenom

Libenom is a tool created for make more easy and fast the creation of payloads with MSFvenom and get all the data generated ordered. Requirements A linux distribution for pentesting or Ubuntu, Debian, Mint Recommended Kali Linux 2.0 sana or 2016.1 rolling, Parrot OS, Blackarch, Dracos ,Lionsec...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2016/07/13 7:32 p.m.30 views

Lynis 2.3.0 - Security Auditing Tool for Unix/Linux Systems

We are excited to announce this major release of auditing tool Lynis. Several big changes have been made to core functions of Lynis. These changes are the next of simplification improvements we made. There is a risk of breaking your existing configuration. Lynis is an open source security auditin...

6.9AI score
Exploits0
Kitploit
Kitploit
added 2015/01/08 9:25 p.m.30 views

WiFiPhisher - Fast automated phishing attacks against WiFi networks

Wifiphisher is a security tool that mounts fast automated phishing attacks against WiFi networks in order to obtain secret passphrases and other credentials. It is a social engineering attack that unlike other methods it does not include any brute forcing. It is an easy way for obtaining...

7.8AI score
Exploits0References1
Kitploit
Kitploit
added 2014/12/05 6:14 p.m.30 views

zANTI 2.0 - Android Network Toolkit

zANTI is a mobile penetration testing toolkit that lets security managers assess the risk level of a network with the push of a button. This easy to use mobile toolkit enables IT Security Administrators to simulate an advanced attacker to identify the malicious techniques they use in the wild to...

7.7AI score
Exploits0
Kitploit
Kitploit
added 2014/10/27 10:44 p.m.30 views

Zarp - Local Network Attack Framework

Zarp is a network attack tool centered around the exploitation of local networks. This does not include system exploitation, but rather abusing networking protocols and stacks to take over, infiltrate, and knock out. Sessions can be managed to quickly poison and sniff multiple systems at once,...

6.8AI score
Exploits0References1
Kitploit
Kitploit
added 2014/03/24 10:22 p.m.30 views

[AdwCleaner] Removal Tool for Adware, Toolbars and Hijacker

AdwCleaner is a free removal tool for : Adware ads softwares PUP/LPI Potentially Undesirable Program Toolbars Hijacker Hijack of the browser's homepage It works with a Search and Delete mode. It can be easily uninstalled using the mode "Uninstall". It's compatible with Windows XP, Vista, 7, 8, 8....

7.4AI score
Exploits0
Kitploit
Kitploit
added 2014/01/20 5:3 p.m.30 views

[Proxyp] Multithreaded Proxy Enumeration Utility

Proxyp is a small multithreaded Perl script written to enumerate latency, port numbers, server names, & geolocations of proxy IP addresses. This script started as a way to speed up use of proxychains, which is why I've added an append option for resulting live IP addresses to be placed at the end...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2014/01/13 2:36 p.m.30 views

[Kali Linux 1.0.6] with LUKS Self-Destruction Feature

Offensive Security, the creator of the famous BackTrack Linux operating system, has announced on January 9 that a new maintenance release for its Kali Linux distribution is now available for download. Kali Linux 1.0.6 is the first release to introduce an amazing feature called "emergency...

7AI score
Exploits0
Kitploit
Kitploit
added 2013/08/14 2:46 a.m.30 views

[Drozer] The Leading Security Testing Framework for Android.

drozer enables you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps’ IPC endpoints and the underlying OS. drozer provides tools to help you use and share public Android exploits. It helps you to deploy a droze...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2013/08/14 2:35 a.m.30 views

[RIPS] A static source code analyser for vulnerabilities in PHP scripts

RIPS is a tool written in PHP to find vulnerabilities in PHP applications using static code analysis. By tokenizing and parsing all source code files RIPS is able to transform PHP source code into a program model and to detect sensitive sinks potentially vulnerable functions that can be tainted b...

8.3AI score
Exploits0
Kitploit
Kitploit
added 2013/01/30 3:8 p.m.30 views

[Revenssis] Mobile Penetration Testing Suite

Fully featured network, wireless and web app pentesting suitefor Smartphones Nicknamed as the "Smartphone Version of Backtrack", Revenssis Penetration Suite is a set of all the useful types of tools used in Computer and Web Application security. Tools available in it include: Web App scanners,...

7.8AI score
Exploits0
Kitploit
Kitploit
added 2024/01/04 11:30 a.m.29 views

PhantomCrawler - Boost Website Hits By Generating Requests From Multiple Proxy IPs

PhantomCrawler allows users to simulate website interactions through different proxy IP addresses. It leverages Python, requests, and BeautifulSoup to offer a simple and effective way to test website behaviour under varied proxy configurations. Features: Utilizes a list of proxy IP addresses from...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2023/12/02 11:30 a.m.29 views

T3SF - Technical Tabletop Exercises Simulation Framework

T3SF is a framework that offers a modular structure for the orchestration of events based on a master scenario events list MSEL together with a set of rules defined for each exercise optional and a configuration that allows defining the parameters of the corresponding platform. The main module...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2023/10/15 11:30 a.m.29 views

JSpector - A Simple Burp Suite Extension To Crawl JavaScript (JS) Files In Passive Mode And Display The Results Directly On The Issues

JSpector is a Burp Suite extension that passively crawls JavaScript files and automatically creates issues with URLs, endpoints and dangerous methods found on the JS files. Prerequisites Before installing JSpector, you need to have Jython installed on Burp Suite. Installation 1. Download the late...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2023/09/27 11:30 a.m.29 views

WMIExec - Set Of Python Scripts Which Perform Different Ways Of Command Execution Via WMI Protocol

Set of python scripts which perform different ways of command execution via WMI protocol. Blog Post https://whiteknightlabs.com/2023/06/26/navigating-stealthy-wmi-lateral-movement/ Usage wmiexecscheduledjob.py Is a python script which authenticates to a remote WMI instance and execute commands vi...

8AI score
Exploits0References3
Kitploit
Kitploit
added 2023/08/08 12:30 p.m.29 views

Nac_Bypass_Agent - This Function Combines All The Above Functions And Takes Necessary Information From The User To Change The IP And MAC Address, Start The Responder And Tcpdump Tools, And Run The Nbtscan Tool

Nac Bypass Agent This piece of code is a script written in Python and designed to run on Kali Linux. Here is a summary explaining what each function does: runcommandcommand: This function runs the command it takes as input and returns its output. killnetworkservices: This function stops the...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2023/07/04 12:30 p.m.29 views

ScrapPY - A Python Utility For Scraping Manuals, Documents, And Other Sensitive PDFs To Generate Wordlists That Can Be Utilized By Offensive Security Tools

ScrapPY is a Python utility for scraping manuals, documents, and other sensitive PDFs to generate targeted wordlists that can be utilized by offensive security tools to perform brute force, forced browsing, and dictionary attacks. ScrapPY performs word frequency, entropy, and metadata analysis, a...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2022/08/06 12:30 p.m.29 views

Pict - Post-Infection Collection Toolkit

This set of scripts is designed to collect a variety of data from an endpoint thought to be infected, to facilitate the incident response process. This data should not be considered to be a full forensic data collection, but does capture a lot of useful forensic information. If you want true...

6.9AI score
Exploits0References3
Kitploit
Kitploit
added 2022/06/11 9:30 p.m.29 views

Pulsar - Data Exfiltration And Covert Communication Tool

Pulsar is a tool for data exfiltration and covert communication that enable you to create a secure data transfer, a bizarre chat or a network tunnel through different protocols, for example you can receive data from tcp connection and resend it to real destination through DNS packets. Setting up...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2022/06/05 9:30 p.m.29 views

Puwr - SSH Pivoting Script For Expanding Attack Surfaces On Local Networks

Easily expand your attack surface on a local network by discovering more hosts, via SSH. Using a machine running a SSH service, Puwr uses a given subnet range to scope out IP's, sending back any successful ping requests it has. This can be used to expand out an attack surface on a local network, ...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2022/05/29 12:30 p.m.29 views

Hakoriginfinder - Tool For Discovering The Origin Host Behind A Reverse Proxy. Useful For Bypassing Cloud WAFs!

Tool for discovering the origin host behind a reverse proxy. Useful for bypassing WAFs and other reverse proxies. How does it work? This tool will first make a HTTP request to the hostname that you provide and store the response, then it will make a request to every IP address that you provide vi...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2022/05/25 12:30 p.m.29 views

DroidDetective - A Machine Learning Malware Analysis Framework For Android Apps

A machine learning malware analysis framework for Android apps. DroidDetective is a Python tool for analysing Android applications APKs for potential malware related behaviour and configurations. When provided with a path to an application APK file Droid Detective will make a prediction using it'...

7.1AI score
Exploits0References3
Kitploit
Kitploit
added 2022/05/18 9:30 p.m.29 views

Cyph - Cryptographically Secure Messaging And Social Networking Service

Cyph is a cryptographically secure messaging and social networking service, providing an extreme level of privacy combined with best-in-class ease of use. Cyph’s patented technology — built by former SpaceX engineers, audited by Cure53, and the basis of research presentations at Black Hat and DEF...

7.1AI score
Exploits0References3
Kitploit
Kitploit
added 2022/04/25 12:30 p.m.29 views

DDexec - A Technique To Run Binaries Filelessly And Stealthily On Linux Using Dd To Replace The Shell With Another Process

In Linux in order to run a program it must exist as a file, it must be accessible in some way through the file system hierarchy this is just how execve works. This file may reside on disk or in ram tmpfs, memfd but you need a filepath. This has made very easy to control what is run on a Linux...

6.8AI score
Exploits0References4
Kitploit
Kitploit
added 2022/04/03 9:30 p.m.29 views

Phantun - Transforms UDP Stream Into (Fake) TCP Streams That Can Go Through Layer 3 &Amp; Layer 4 (NAPT) firewalls/NATs

Phantun is a project that obfuscated UDP packets into TCP connections. It aims to achieve maximum performance with minimum processing and encapsulation overhead. It is commonly used in environments where UDP is blocked/throttled but TCP is allowed through. Phantun simply converts a stream of UDP...

6.9AI score
Exploits0References4
Kitploit
Kitploit
added 2022/03/14 8:30 p.m.29 views

Lnkbomb - Malicious Shortcut Generator For Collecting NTLM Hashes From Insecure File Shares

Lnkbomb is used for uploading malicious shortcut files to insecure file shares. The vulnerability exists due to Windows looking for an icon file to associate with the shortcut file. This icon file can be directed to a penetration tester's machine running Responder or smbserver to gather NTLMv1 or...

7.5AI score
Exploits0References2
Kitploit
Kitploit
added 2022/03/12 11:30 a.m.29 views

Codecat v0.56 - An Open-Source Tool To Help You Find/Track User Input Sinks And Security Bugs Using Static Code Analysis

CodeCat is an open-source tool to help you find/track user input sinks and security bugs using static code analysis. These points follow regex rules. Current rules for C,C++,GO,Python,javascript,Swift,PHP,Ruby,ASP,Kotlin,Dart and Java.you can create your rules video How too install, step by step:...

7.6AI score
Exploits0References3
Kitploit
Kitploit
added 2022/03/07 8:30 p.m.29 views

Fastfuz-Chrome-Ext - Site Fast Fuzzing With Chorme Extension

Fast fuzzing websites with chrome extension Screenshot Install Add Your Custom Files Open files.txt Paste your file or directory name in line by line Happy Hunting TODO Add response size foundings Add new specific file and directory names Add Extension to chrome extension marketplace Download...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2022/03/03 8:30 p.m.29 views

Chaya - Advance Image Steganography

Chaya protects your privacy through steganography, cryptography and compression. It effectively encrypts your payloads using AES-256-GCM cryptography, embeds them using LSB-LPS steganography technique into images and compresses them using FLIF to evade detection by performing lossless compression...

7.8AI score
Exploits0References5
Kitploit
Kitploit
added 2022/02/26 11:30 a.m.29 views

NTLMRecon - Enumerate Information From NTLM Authentication Enabled Web Endpoints

A fast and flexible NTLM reconnaissance tool without external dependencies. Useful to find out information about NTLM endpoints when working with a large set of potential IP addresses and domains. NTLMRecon is built with flexibilty in mind. Need to run recon on a single URL, an IP address, an...

6.9AI score
Exploits0References4
Kitploit
Kitploit
added 2022/01/02 11:30 a.m.29 views

RiotPot - Resilient IoT And Operational Technology Honeypot

RIoTPot is an interoperable medium interaction honeypot, primarily focused on the emulation IoT and OT protocols, although, it is also capable of emulating other services. This services are loaded in the honeypot in the form of plugins, making RIoTPot a modular, and very transportable honeypot. T...

6.6AI score
Exploits0References3
Kitploit
Kitploit
added 2021/12/24 11:30 a.m.29 views

SQLbit - Just Another Script For Automatize Boolean-Based Blind SQL Injections

A script for automatize boolean-based blind SQL injections. Works with SQLite at least, supports using cookies. It uses bitwise comparisons with multithreading to find cell values instead of binary search, which is more efficient. It's able to: Search cell values by columns in a table Search...

7.8AI score
Exploits0References1
Kitploit
Kitploit
added 2021/12/22 11:30 a.m.29 views

MUI - A GUI Plugin For Binary Ninja To Easily Interact With And View The Progress Of Manticore

With the Manticore User Interface MUI project, we provide a graphical user interface plugin for Binary Ninja to allow users to easily interact with and view progress of the Manticore symbolic execution engine for analysis of smart contracts and native binaries. ATTENTION This project is under...

7.6AI score
Exploits0References3
Total number of security vulnerabilities5000