Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2014/04/24 12:7 a.m.29 views

Hash Kracker v2.5 - All-in-one Hash Password Recovery Software

Hash Kracker is the free all-in-one tool to recover the hash password for multiple hash types. Currently it supports password recovery from following popular Hash types MD5 SHA1 SHA256 SHA384 SHA512 It uses dictionary based cracking method which makes the cracking operation simple and easier...

7.5AI score
Exploits0
Kitploit
Kitploit
added 2014/01/23 4:6 p.m.29 views

[Wireless IDS] Ability to detect suspicious activity such as (WEP/WPA/WPS) attack by sniffing the air for wireless packets

Wireless IDS is an open source tool written in Python and work on Linux environment. This tool will sniff your surrounding air traffic for suspicious activities such as WEP/WPA/WPS attacking packets. It do the following Detect mass deauthentication sent to client / access point which unreasonable...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2013/12/27 12:0 a.m.29 views

[Wifitap] WLAN Traffic Injection Tool

Wifitap is a proof of concept for communication over WLAN networks using traffic injection. Wifitap allows direct communication with an associated station to a given access point directly, whilst not being being associated ourselves or being handled by access point. Wifitap is written in Python,...

7.7AI score
Exploits0
Kitploit
Kitploit
added 2013/12/20 5:37 p.m.29 views

[SSLSmart] Smart SSL Cipher Enumeration

SSLSmart is a highly flexible and interactive tool aimed at improving efficiency and reducing false positives during SSL testing. A number of tools allow users to test for supported SSL ciphers suites, but most only provide testers with a fixed set of cipher suites. Further testing is performed b...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2013/08/27 4:1 a.m.29 views

[oclHashcat-plus v0.15] Advanced Password Recovery

This version is the result of over 6 months of work, having modified 618,473 total lines of source code. Before we go into the details of the changes, here's a quick summary of the major changes: Added support for cracking passwords longer than 15 characters Added support for mask-files, which...

8.1AI score
Exploits0
Kitploit
Kitploit
added 2013/03/05 4:26 p.m.29 views

[Weevely] PHP Stealth Tiny Web Shell

Weevely is a stealth PHP web shell that provides a telnet-like console. It is an essential tool for web application post exploitation, and can be used as stealth backdoor or as a web shell to manage legit web accounts, even free hosted ones. Weevely is currently included in Backtrack and Backbox...

8.4AI score
Exploits0References2
Kitploit
Kitploit
added 2013/02/20 6:20 p.m.29 views

[NetworkMiner v1.4.1] Network Forensic Analysis Tool (NFAT)

NetworkMiner is a Network Forensic Analysis Tool NFAT for Windows but also works in Linux / Mac OS X / FreeBSD. NetworkMiner can be used as a passive network sniffer/packet capturing tool in order to detect operating systems, sessions, hostnames, open ports etc. without putting any traffic on the...

6.8AI score
Exploits0
Kitploit
Kitploit
added 2024/04/08 12:30 p.m.28 views

CloudGrappler - A purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known threat actors in popular cloud environments such as AWS and Azure

Permiso: https://permiso.io Read our release blog: https://permiso.io/blog/cloudgrappler-a-powerful-open-source-threat-detection-tool-for-cloud-environments CloudGrappler is a purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2024/02/26 11:30 a.m.28 views

BackDoorSim - An Educational Into Remote Administration Tools

BackdoorSim is a remote administration and monitoring tool designed for educational and testing purposes. It consists of two main components: ControlServer and BackdoorClient. The server controls the client, allowing for various operations like file transfer, system monitoring, and more. Disclaim...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2024/01/06 11:30 a.m.28 views

Valid8Proxy - Tool Designed For Fetching, Validating, And Storing Working Proxies

Valid8Proxy is a versatile and user-friendly tool designed for fetching, validating, and storing working proxies. Whether you need proxies for web scraping, data anonymization, or testing network security, Valid8Proxy simplifies the process by providing a seamless way to obtain reliable and...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2023/12/18 11:30 a.m.28 views

MacMaster - MAC Address Changer

MacMaster is a versatile command line tool designed to change the MAC address of network interfaces on your system. It provides a simple yet powerful solution for network anonymity and testing. Features Custom MAC Address: Set a specific MAC address to your network interface. Random MAC Address:...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2023/09/27 11:30 a.m.28 views

WMIExec - Set Of Python Scripts Which Perform Different Ways Of Command Execution Via WMI Protocol

Set of python scripts which perform different ways of command execution via WMI protocol. Blog Post https://whiteknightlabs.com/2023/06/26/navigating-stealthy-wmi-lateral-movement/ Usage wmiexecscheduledjob.py Is a python script which authenticates to a remote WMI instance and execute commands vi...

8AI score
Exploits0References3
Kitploit
Kitploit
added 2023/07/09 12:30 p.m.28 views

Acltoolkit - ACL Abuse Swiss-Knife

acltoolkit is an ACL abuse swiss-army knife. It implements multiple ACL abuses. Installation pip install acltoolkit-ad or git clone https://github.com/zblurx/acltoolkit.git cd acltoolkit make Usage usage: acltoolkit -h -debug -hashes LMHASH:NTHASH -no-pass -k -dc-ip ip address -scheme ldap scheme...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2023/06/22 12:30 p.m.28 views

EndExt - Go Tool For Extracting All The Possible Endpoints From The JS Files

EndExt is a .go tool for extracting all the possible endpoints from the JS files Idea When you crawll all the JS files from waybackruls for example, or even collecting the JS files urls from your target website's home source page .. If the website was using API system and you wanna look for all t...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2023/06/02 12:30 p.m.28 views

Graphcat - Generate Graphs And Charts Based On Password Cracking Result

Simple script to generate graphs and charts on hashcat and john potfile and ntds Install git clone https://github.com/Orange-Cyberdefense/graphcat cd graphcat pip install . Helper $ graphcat.py -h usage: graphcat.py -h -potfile hashcat.potfile -hashfile hashfile.txt -john -format FORMAT...

7.4AI score
Exploits0References8
Kitploit
Kitploit
added 2023/05/26 12:30 p.m.28 views

EntropyReducer - Reduce Entropy And Obfuscate Youre Payload With Serialized Linked Lists

EntropyReducer: Reduce The Entropy Of Youre Payload And Obfuscate It With Serialized Linked Lists How Does It Work EntropyReducer algorithm is determined by BUFFSIZE and NULLBYTES values. The following is how would EntropyReducer organize your payload if BUFFSIZE was set to 4 , and NULLBYTES to 2...

7.5AI score
Exploits0References23
Kitploit
Kitploit
added 2023/05/06 12:30 p.m.28 views

Fuzztruction - Prototype Of A Fuzzer That Does Not Directly Mutate Inputs (As Most Fuzzers Do) But Instead Uses A So-Called Generator Application To Produce An Input For Our Fuzzing Target

Fuzztruction is an academic prototype of a fuzzer that does not directly mutate inputs as most fuzzers do but instead uses a so-called generator application to produce an input for our fuzzing target. As programs generating data usually produce the correct representation, our fuzzer mutates the...

7.4AI score
Exploits0References14
Kitploit
Kitploit
added 2023/04/07 12:30 p.m.28 views

WindowSpy - A Cobalt Strike Beacon Object File Meant For Targetted User Surveillance

WindowSpy is a Cobalt Strike Beacon Object File meant for targetted user surveillance. The goal of this project was to trigger surveillance capabilities only on certain targets, e.g. browser login pages, confidential documents, vpn logins etc. The purpose was to increase stealth during user...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2022/08/06 12:30 p.m.28 views

Pict - Post-Infection Collection Toolkit

This set of scripts is designed to collect a variety of data from an endpoint thought to be infected, to facilitate the incident response process. This data should not be considered to be a full forensic data collection, but does capture a lot of useful forensic information. If you want true...

6.9AI score
Exploits0References3
Kitploit
Kitploit
added 2022/07/02 12:30 p.m.28 views

Microsoft-365-Extractor-Suite - A Set Of PowerShell Scripts That Allow For Complete And Reliable Acquisition Of The Microsoft 365 Unified Audit Log

This suite of scripts contains two different scripts that can be used to acquire the Microsoft 365 Unified Audit Log Read the accompanying blog post on https://invictus-ir.medium.com/introduction-of-the-microsoft-365-extractor-suite-b85e148d4bfe 1. Microsoft365Extractor , the original script stem...

6.6AI score
Exploits0References1
Kitploit
Kitploit
added 2022/06/16 12:30 p.m.28 views

Admin-Panel_Finder - A Burp Suite Extension That Enumerates Infrastructure And Application Admin Interfaces (OTG-CONFIG-005)

A burp suite extension that enumerates infrastructure and application Admin Interfaces. OWASP References: Classification : Web Application Security Testing 02-Configuration and Deployment Management Testing OTG v4 : OWASP OTG-CONFIG-005 WSTG : WSTG-CONF-05 Why should I use this extension?...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2022/05/26 9:30 p.m.28 views

Pocsploit - A Lightweight, Flexible And Novel Open Source Poc Verification Framework

pocsploit is a lightweight, flexible and novel open source poc verification framework Pain points of the POC framework in the market 1. There are too many params, I don't know how to get started, but only some of them are commonly used. 2. YAML poc frameworklike nuclei & xray is not flexible...

6.8AI score
Exploits0References4
Kitploit
Kitploit
added 2022/05/18 12:30 p.m.28 views

ShadowClone - Unleash The Power Of Cloud

ShadowClone allows you to distribute your long running tasks dynamically across thousands of serverless functions and gives you the results within seconds where it would have taken hours to complete. You can make full use of the Free Tiers provided by cloud providers and supercharge your mundane...

7.7AI score
Exploits0References6
Kitploit
Kitploit
added 2022/05/10 12:30 a.m.28 views

AutoResponder - Carbon Black Response IR Tool

What is it? AutoResponder is a tool aimed to help people to carry out their Incident Response tasks WITH the help of Carbon Black Response's awesome capabilities and WITHOUT much bothering IT/System/Network Teams What can it do? Module | ✔️ / ❌ ---|--- Delete Files | ✔️ Delete Registry Values | ✔️...

7.5AI score
Exploits0References3
Kitploit
Kitploit
added 2022/05/04 9:30 p.m.28 views

Cliam - Multi Cloud IAM Permissions Enumeration Tool

Multi cloud iam permissions enumeration tool. Currently covers: AWS GCP TODO Azure TODO Oracle Description Cliam is a simple cloud permissions identifier. There are two main components to the CLI. Most of the enumerated permissions are list, describe or get permissions. Only permissions that does...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2022/04/28 12:30 p.m.28 views

Rip Raw - Small Tool To Analyse The Memory Of Compromised Linux Systems

Rip Raw is a small tool to analyse the memory of compromised Linux systems. It is similar in purpose to Bulk Extractor, but particularly focused on extracting system Logs from memory dumps from Linux systems. This enables you to analyse systems without needing to generate a profile. This is not a...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2022/04/26 12:30 p.m.28 views

Bore - Simple CLI Tool For Making Tunnels To Localhost

A modern, simple TCP tunnel in Rust that exposes local ports to a remote server, bypassing standard NAT connection firewalls. That's all it does: no more, and no less. Installation requires Rust cargo install bore-cli On your local machine bore local 8000 --to bore.pub This will expose your local...

7.1AI score
Exploits0References3
Kitploit
Kitploit
added 2022/04/03 9:30 p.m.28 views

Phantun - Transforms UDP Stream Into (Fake) TCP Streams That Can Go Through Layer 3 &Amp; Layer 4 (NAPT) firewalls/NATs

Phantun is a project that obfuscated UDP packets into TCP connections. It aims to achieve maximum performance with minimum processing and encapsulation overhead. It is commonly used in environments where UDP is blocked/throttled but TCP is allowed through. Phantun simply converts a stream of UDP...

6.9AI score
Exploits0References4
Kitploit
Kitploit
added 2022/03/26 11:30 a.m.28 views

Zkar - A Java Serialization Protocol Analysis Tool Implement In Go

ZKar is a Java serialization protocol analysis tool implement in Go. This tool is still work in progress , so no complete API document and contribution guide. ZKar provides: A Java serialization payloads parser and viewer in pure Go, no CGO or JDK is required From the Java serialization protocol ...

7.5AI score
Exploits0References6
Kitploit
Kitploit
added 2022/01/12 11:30 a.m.28 views

RAUDI - A Repo To Automatically Generate And Keep Updated A Series Of Docker Images Through GitHub Actions

RAUDI Regularly and Automatically Updated Docker Images automatically generates and keep updated a series of Docker Images through GitHub Actions for tools that are not provided by the developers. What is RAUDI RAUDI is what will save you from creating and managing a lot of Docker Images manually...

7.3AI score
Exploits0References28
Kitploit
Kitploit
added 2021/12/08 2:18 a.m.28 views

KaliIntelligenceSuite - Shall Aid In The Fast, Autonomous, Central, And Comprehensive Collection Of Intelligence By Executing Standard Penetration Testing Tools

Kali Intelligence Suite KIS shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by automatically: executing Kali Linux tools e.g., dnsrecon, gobuster, hydra, nmap, etc. querying publicly available APIs e.g., Censys.io, Haveibeenpwned.com, Hunter.io,...

7AI score
Exploits0References4
Kitploit
Kitploit
added 2021/11/16 11:30 a.m.28 views

Fhex - A Full-Featured HexEditor

This project is born with the aim to develop a lightweight, but useful tool. The reason is that the existing hex editors have some different limitations e.g. too many dependencies, missing hex coloring features, etc.. This project is based on qhexedit2 , capstone and keystone engines. New feature...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2021/11/15 11:30 a.m.28 views

Cumulus - Web Application Weakness Monitoring, It Would Be Working By Add Just 3 Codelines

Cumulus is a service that helps you monitor and fix security weakness in realtime. The issues will be reported on web dashboard. It's very simple and powerful. Key features Just install SDK to web front, can be found security weakness on service SDK detect weakness from Inner Layer, dinamically e...

6.7AI score
Exploits0References10
Kitploit
Kitploit
added 2021/11/10 8:30 p.m.28 views

FormatFuzzer - A Framework For High-Efficiency, High-Quality Generation And Parsing Of Binary Inputs

FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs. It takes a binary template that describes the format of a binary input and generates an executable that produces and parses the given binary format. From a binary template for GIF, for instance,...

6.8AI score
Exploits0References9
Kitploit
Kitploit
added 2021/11/09 11:30 a.m.28 views

Ddosify - High-performance Load Testing Tool

Features Protocol Agnostic - Currently supporting HTTP, HTTPS, HTTP/2. Other protocols are on the way. Scenario-Based - Create your flow in a JSON file. Without a line of code! Different Load Types - Test your system's limits across different load types. Installation ddosify is available via...

6.9AI score
Exploits0References7
Kitploit
Kitploit
added 2021/11/02 8:30 p.m.28 views

ADLab - Custom PowerShell Module To Setup An Active Directory Lab Environment To Practice Penetration Testing

The purpose of this module is to automate the deployment of an Active Directory lab for practicing internal penetration testing. Credits to Joe Helle and his PowerShell for Pentesters course regarding the generation of the attack vectors. Instructions Preparation Optional but recommended: Move...

7.4AI score
Exploits0References2
Kitploit
Kitploit
added 2021/10/26 12:6 a.m.28 views

Webdiscover - The Purpose Of This Script Is To Automate The Web Enumeration Process And Search For Exploits

The purpose of this script is to automate the web enumeration process and search for exploits and vulns. Added Tools dependencies are installed during script execution: seclist ffuf namelist dnsrecon subfinder whatweb gospider nuclei searchsploit go-exploitdb It creates a directory with the scan...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2021/09/30 11:30 a.m.28 views

SharpML - Machine Learning Network Share Password Hunting Toolkit

SharpML is a proof of concept file share data mining tool using Machine Learning in Python and C. The tool is discussed in more detail on our blog here, but is summarised below also: SharpML is C and Python based tool that performs a number of operations with a view to mining file shares, queryin...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2021/09/16 3:0 a.m.28 views

Kali Linux 2021.3 - Penetration Testing and Ethical Hacking Linux Distribution

Time for another Kali Linux release! – Kali Linux 2021.1. This release has various impressive updates. A summary of the changes since the 2021.2 release from June are: OpenSSL - Wide compatibility by default - Keep reading for what that means New Kali-Tools site - Following the footsteps of...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2020/09/24 11:30 a.m.28 views

SitRep - Extensible, Configurable Host Triage

SitRep is intended to provide a lightweight, extensible host triage alternative. Checks are loaded dynamically at runtime from stand-alone files. This allows operators to quickly modify existing checks, or add new checks as required. Checks are grouped by category and can be marked as OpSec...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2020/07/28 12:30 p.m.28 views

Intelspy - Perform Automated Network Reconnaissance Scans

Perform automated network reconnaissance scans to gather network intelligence. IntelSpy is a multi-threaded network intelligence spy tool which performs automated enumeration of network services. It performs live hosts detection scans, port scans, services enumeration scans, web content scans,...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2020/07/14 9:30 p.m.28 views

Maskprocessor - High-Performance Word Generator With A Per-Position Configureable Charset

High-Performance word generator with a per-position configureable charset Mask attack Try all combinations from a given keyspace just like in Brute-Force attack, but more specific. Advantage over Brute-Force The reason for doing this and not to stick to the traditional Brute-Force is that we want...

7.6AI score
Exploits0References2
Kitploit
Kitploit
added 2020/07/04 12:30 p.m.28 views

GoGhost - High Performance, Lightweight, Portable Open Source Tool For Mass SMBGhost Scan

GoGhost is a High Performance, lightweight, portable Open Source tool for mass SMBGhost Scan. Installation You can download Windows Binary or Linux Binary. Alternatively, GoGhost uses native Golang libraries so the line above would be fine to compile it: go build GoGhost.go Usage Options GoGhost...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2020/05/04 12:30 p.m.28 views

Invoker - Penetration Testing Utility

Penetration testing utility. The goal is to use this tool when access to some Windows OS features through GUI is restricted. Some features require administrative privileges. Capabilities: invoke the Command Prompt and PowerShell, download a file, schedule a task, add a registry key, connect to a...

7.6AI score
Exploits0References6
Kitploit
Kitploit
added 2019/11/12 9:0 p.m.28 views

Rsdl - Subdomain Scan With Ping Method

Subdomain Scan With Ping Method. Flags | Value | Description ---|---|--- --hostname | example.com | Domain for scan. --output | | Records the output with the domain name. --list | /tmp/lists/example.txt | Lister for subdomains. Installation go get github.com/tismayil/rsdl clone repo and build go...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2018/12/18 2:30 p.m.28 views

Hashie - Crack Hashes In A Blink Of An Eye

Hashie is a multi functional tool written in python to deal with hashes. Features Hash cracking. Hash generation. Automatic hash type identification. Supports MD5, SHA1, SHA256, SHA384, SHA512 etc... How to Install and Run in Linux 1 Enter the following command in the terminal to download it. git...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2018/08/13 8:40 p.m.28 views

CMSeeK v1.0.7 - CMS Detection And Exploitation Suite (Scan WordPress, Joomla, Drupal And 50 Other CMSs)

What is a CMS? A content management system CMS manages the creation and modification of digital content. It typically supports multiple users in a collaborative environment. Some noteable examples are: WordPress, Joomla, Drupal etc. Release History - Version 1.0.7 07-08-2018 - Version 1.0.6...

7.1AI score
Exploits0References4
Kitploit
Kitploit
added 2018/08/03 9:26 p.m.28 views

Portforge.Cr - A Script Which Opens Multiple Sockets From A Specific Port Range You Input

This script is intended to open as many sockets as you which between 1024 - 65535. Lower than 1024 works too but you have to be a root user for that. This can be useful when you don't want people to map out your device and see what you're running and not, so it's a small step to defeat...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2018/06/28 12:50 a.m.28 views

Idisagree - Control Remote Computers Using Discord Bot

Control remote computers using discord bot and python 3. ! If your target is a windows system, you may want to compile your payload. Do this with py2exe or pyinstaller. MAINTAINERS Alisson Moretto | Twitter: @A1S0N Github: @A1S0N PREREQUISITES Python 3.x pip3 subprocess from python3 Discord from...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2018/06/24 2:17 p.m.28 views

Mquery - YARA Malware Query Accelerator (Web Frontend)

Ever had trouble searching for particular malware samples? This project is an analyst-friendly web GUI to look through your digital warehouse. mquery can be used to search through terabytes of malware in a blink of an eye: Thanks to the UrsaDB database, queries on large datasets can be extremely...

7.1AI score
Exploits0References2
Total number of security vulnerabilities5000