Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2018/03/30 8:39 p.m.347 views

B4Tm4N - PHP WEBSHELL

Features 0 File Manager 1 Sec. Info 2 Simply Database 3 Interactive terminal 4 PHP Reverse Back Connect 5 Run PHP Code 6 Custom Toolz 7 Self Script Encryptor ! Download B4Tm4N...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2019/01/18 8:23 p.m.346 views

Recaf - A Modern Java Bytecode Editor

Recaf is an open-source Java bytecode editor built on top of Objectweb's ASM. ASM is a bytecode manipulation library that abstracts away the constant pool and a few other class-file attributes. Since keeping track of the constant pool and managing proper stackframes are no longer necessary, compl...

7.5AI score
Exploits0References8
Kitploit
Kitploit
added 2021/05/30 9:30 p.m.344 views

Kaiju - A Binary Analysis Framework Extension For The Ghidra Software Reverse Engineering Suite

CERT Kaiju is a collection of binary analysis tools for Ghidra. This is a Ghidra/Java implementation of some features of the CERT Pharos Binary Analysis Framework, particularly the function hashing and malware analysis tools, but is expected to grow new tools and capabilities over time. As this i...

6.6AI score
Exploits0References4
Kitploit
Kitploit
added 2019/11/15 12:0 p.m.343 views

Evil-Winrm v1.9 - The Ultimate WinRM Shell For Hacking/Pentesting

This shell is the ultimate WinRM shell for hacking/pentesting. WinRM Windows Remote Management is the Microsoft implementation of WS-Management Protocol. A standard SOAP based protocol that allows hardware and operating systems from different vendors to interoperate. Microsoft included it in thei...

7.2AI score
Exploits0References17
Kitploit
Kitploit
added 2019/07/06 1:0 p.m.343 views

Youzer - Fake User Generator For Active Directory Environments

Fake User Generator for Active Directory Environments Introduction The goal of Youzer is to create information rich Active Directory environments. This uses the python3 library 'faker' to generate random accounts. pip3 install faker You can either supply a wordlist or have the passwords generated...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2019/02/08 8:46 p.m.342 views

OSFMount - Mount Disk Images & Create RAM Drives

OSFMount allows you to mount local disk image files bit-for-bit copies of a disk partition in Windows with a drive letter. You can then analyze the disk image file with PassMark OSForensics™ by using the mounted volume's drive letter. By default, the image files are mounted as read only so that t...

6.5AI score
Exploits0
Kitploit
Kitploit
added 2013/04/06 1:37 p.m.342 views

[Ghost Phisher] GUI suite for phishing and penetration attacks

Ghost Phisher is a Wireless and Ethernet security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library, the program is able to emulate access points and deploy various internal networking servers for networking, penetration testing and...

7.5AI score
Exploits0
Kitploit
Kitploit
added 2019/10/17 8:34 p.m.341 views

Dirstalk - Modern Alternative To Dirbuster/Dirb

Dirstalk is a multi threaded application designed to brute force paths on web servers. The tool contains functionalities similar to the ones offered by dirbuster and dirb. Here you can see it in action: How to use it The application is self-documenting, launching dirstalk -h will return all the...

7.6AI score
Exploits0References4
Kitploit
Kitploit
added 2019/05/30 1:4 p.m.341 views

Amass - In-depth DNS Enumeration And Network Mapping

The OWASP Amass tool suite obtains subdomain names by scraping data sources, recursive brute forcing, crawling web archives, permuting/altering names and reverse DNS sweeping. Additionally, Amass uses the IP addresses obtained during resolution to discover associated netblocks and ASNs. All the...

7.3AI score
Exploits0References4
Kitploit
Kitploit
added 2019/08/30 9:52 p.m.340 views

Constellation - A Graph-Focused Data Visualisation And Interactive Analysis Application

Constellation is a graph-focused data visualisation and interactive analysis application enabling data access, federation and manipulation capabilities across large and complex data sets. Vision Statement Constellation is a first class, domain agnostic data visualisation and analysis application...

7.2AI score
Exploits0References5
Kitploit
Kitploit
added 2017/08/21 10:23 p.m.341 views

Bytecode Viewer - A Java 8 Jar & Android Apk Reverse Engineering Suite (Decompiler, Editor, Debugger & More)

Bytecode Viewer is an Advanced Lightweight Java Bytecode Viewer, GUI Java Decompiler, GUI Bytecode Editor, GUI Smali, GUI Baksmali, GUI APK Editor, GUI Dex Editor, GUI APK Decompiler, GUI DEX Decompiler, GUI Procyon Java Decompiler, GUI Krakatau, GUI CFR Java Decompiler, GUI FernFlower Java...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2019/11/21 8:51 p.m.339 views

Ultimate Facebook Scraper - A Bot Which Scrapes Almost Everything About A Facebook User'S Profile Including All Public Posts/Statuses Available On The User'S Timeline, Uploaded Photos, Tagged Photos, Videos, Friends List And Their Profile Photos

Tooling that automates your social media interactions to collect posts, photos, videos, friends, followers and much more on Facebook. Features A bot which scrapes almost everything about a facebook user's profile including uploaded photos tagged photos videos friends list and their profile photos...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2025/04/24 12:30 p.m.338 views

PEGASUS-NEO - A Comprehensive Penetration Testing Framework Designed For Security Professionals And Ethical Hackers. It Combines Multiple Security Tools And Custom Modules For Reconnaissance, Exploitation, Wireless Attacks, Web Hacking, And More

| \ | \ | | | | / / |/ / | | | / | | | | / / | | | \ \ || \ \ |\ | || |, |,|/,|/| | |/ ███▄ █ ▓█████ ▒█████ ██ ▀█ █ ▓█ ▀ ▒██▒ ██▒ ▓██ ▀█ ██▒▒███ ▒██░ ██▒ ▓██▒ ▐▌██▒▒▓█ ▄ ▒██ ██░ ▒██░ ▓██░░▒████▒░ ████▓▒░ ░ ▒░ ▒ ▒ ░░ ▒░ ░░ ▒░▒░▒░ ░ ░░ ░ ▒░ ░ ░ ░ ░ ▒ ▒░ ░ ░ ░ ░ ░ ░ ░ ▒ ░ ░ ░ ░ ░ PEGASUS-NEO...

7.7AI score
Exploits0References3
Kitploit
Kitploit
added 2021/06/25 12:30 p.m.338 views

RomBuster - A Router Exploitation Tool That Allows To Disclosure Network Router Admin Password

RomBuster is a router exploitation tool that allows to disclosure network router admin password. Features Exploits vulnerabilities in most popular routers such as D-Link, Zyxel, TP-Link and Huawei. Optimized to exploit multiple routers at one time from list with threading enabled. Simple CLI and...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2021/03/20 8:30 p.m.336 views

Invoke-SocksProxy - Socks Proxy, And Reverse Socks Server Using Powershell

Creates a local or "reverse" Socks proxy using powershell. The local proxy is a simple Socks 4/5 proxy. The reverse proxy creates a tcp tunnel by initiating outbond SSL connections that can go through the system's proxy. The tunnel can then be used as a socks proxy on the remote host to pivot int...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2018/08/20 1:3 p.m.336 views

GitMiner v2.0 - Tool For Advanced Mining For Content On Github

Advanced search tool and automation in Github. This tool aims to facilitate research by code or code snippets on github through the site's search page. MOTIVATION Demonstrates the fragility of trust in public repositories to store codes with sensitive information. REQUIREMENTS lxml requests...

7.6AI score
Exploits0References2
Kitploit
Kitploit
added 2021/08/18 9:30 p.m.335 views

Jsleak - A Go Code To Detect Leaks In JS Files Via Regex Patterns

jsleak is a tool to identify sensitive data in JS files through regex patterns. Although it's built for this, you can use it to identify anything as long as you have a regex pattern for it. How to install Directly: your package manager install pkg-config libpcre++-dev go get...

7.1AI score
Exploits0References7
Kitploit
Kitploit
added 2021/08/07 9:30 p.m.335 views

Go-Shellcode - A Repository Of Windows Shellcode Runners And Supporting Utilities

go-shellcode is a repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques. The available Shellcode runners include: CreateFiber CreateProcess CreateProcessWithPipe CreateRemoteThread CreateRemoteThreadNati...

8.9AI score
Exploits0References22
Kitploit
Kitploit
added 2017/11/13 1:23 p.m.335 views

Mentalist - Graphical Tool For Custom Wordlist Generation

Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat and John the Ripper. Install from Source Prerequisites Linux APT package manager Check if Python 3 ...

9.2AI score
Exploits0References1
Kitploit
Kitploit
added 2016/01/11 10:33 p.m.334 views

BackdoorMe - Powerful Auto-Backdooring Utility

Backdoorme is a powerful utility capable of backdooring Unix machines with a slew of backdoors. Backdoorme uses a familiar metasploit interface with tremendous extensibility. Backdoorme relies on having an existing SSH connection or credentials to the victim, through which it will transfer and...

9.6AI score
Exploits0References1
Kitploit
Kitploit
added 2023/01/13 11:30 a.m.333 views

Bkcrack - Crack Legacy Zip Encryption With Biham And Kocher's Known Plaintext Attack

Crack legacy zip encryption with Biham and Kocher's known plaintext attack. Overview A ZIP archive may contain many entries whose content can be compressed and/or encrypted. In particular, entries can be encrypted with a password-based Encryption Algorithm symmetric encryption algorithm referred ...

6.9AI score
Exploits0References2
Kitploit
Kitploit
added 2017/09/25 9:4 p.m.333 views

clusterd - Application Server Attack Toolkit

clusterd is an open source application server attack toolkit. Born out of frustration with current fingerprinting and exploitation methods, clusterd automates the fingerprinting, reconnaissance, and exploitation phases of an application server attack. See the wiki for more information. Requiremen...

9.8CVSS7.9AI score0.93691EPSS
Exploits40References1
Kitploit
Kitploit
added 2015/06/17 11:41 p.m.333 views

VBS-Obfuscator - VBScript obfuscation to allow PenTesters bypass countermeasures

VBScript obfuscation to allow PenTesters bypass countermeasures. Sample Script Output C:\toolspython obfuscator.py test.vbs out.vbs Char 109 - 5505-5396 Char 115 - 1113775/9685 Char 103 - 540853/5251 Char 98 - -2629+2727 Char 111 - 291-180 Char 120 - 826320/6886 Char 32 - 118016/3688 Char 34 -...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2021/04/15 12:30 p.m.332 views

Swissknife - Scriptable VSCode Extension To Generate Or Manipulate Data. Stop Pasting Sensitive Data In Webpag

The developers swissknife. Do conversions and generations right out of vs code. Extendable with user scripts Available in the Visual Studio Marketplace Currently available scripts Base64 decode Base64 encode Binary To Text Bip39 Mnemonic CSV to Markdown Count characters Count words Crypto currenc...

6.8AI score
Exploits0References4
Kitploit
Kitploit
added 2024/03/13 11:30 a.m.331 views

DarkGPT - An OSINT Assistant Based On GPT-4-200K Designed To Perform Queries On Leaked Databases, Thus Providing An Artificial Intelligence Assistant That Can Be Useful In Your Traditional OSINT Processes

DarkGPT is an artificial intelligence assistant based on GPT-4-200K designed to perform queries on leaked databases. This guide will help you set up and run the project on your local environment. Prerequisites Before starting, make sure you have Python installed on your system. This project has...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2020/06/30 12:30 p.m.331 views

MSFPC - MSFvenom Payload Creator

A quick way to generate various "basic" Meterpreter payloads via msfvenom part of the Metasploit framework. About MSFvenom Payload Creator MSFPC is a wrapper to generate multiple types of payloads, based on users choice. The idea is to be as simple as possible only requiring one input to produce...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2023/01/08 11:30 a.m.329 views

AceLdr - Cobalt Strike UDRL For Memory Scanner Evasion

A position-independent reflective loader for Cobalt Strike. Zero results from Hunt-Sleeping-Beacons, BeaconHunter, BeaconEye, Patriot, Moneta, PE-sieve, or MalMemDetect. Features Easy to Use Import a single CNA script before generating shellcode. Dynamic Memory Encryption Creates a new heap for a...

7.9AI score
Exploits0References11
Kitploit
Kitploit
added 2019/06/24 12:49 p.m.329 views

Vxscan - Comprehensive Scanning Tool

Python3 comprehensive scanning tool, mainly used for sensitive file detection directory scanning and js leak interface, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection, POC scanning, SQL injection, winding Pass CD...

Exploits0References12
Kitploit
Kitploit
added 2016/01/09 5:35 p.m.329 views

SAML Raider - SAML2 Burp Extension

SAML Raider is a Burp Suite extension for testing SAML infrastructures. It contains two core functionalities: Manipulating SAML Messages and manage X.509 certificates. This software was created by Roland Bischofberger and Emanuel Duss during a bachelor thesis at the Hochschule für Technik...

9.6AI score
Exploits0References1
Kitploit
Kitploit
added 2020/05/08 9:30 p.m.328 views

Powerob - An On-The-Fly Powershell Script Obfuscator Meant For Red Team Engagements

An on-the-fly Powershell script obfuscator meant for red team engagements. Built out of necessity. Installation git clone https://github.com/cwolff411/powerob Usage python3 powerob.py obfuscate originalfile.ps1 obfuscatedfile.ps1 Takes an INPUTFILE obfuscates it and dumps the obfuscated version...

7.7AI score
Exploits0References2
Kitploit
Kitploit
added 2019/06/21 1:14 p.m.328 views

MozDef - Mozilla Enterprise Defense Platform

The inspiration for MozDef comes from the large arsenal of tools available to attackers. Suites like metasploit, armitage, lair, dradis and others are readily available to help attackers coordinate, share intelligence and finely tune their attacks in real time. Defenders are usually limited to...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2018/01/04 9:12 p.m.327 views

Decodify - Detect And Decode Encoded Strings Recursively

Decodify can detect and decode encoded strings, recursively. Its currently in beta phase. Lets take this string : teamultimate.in and encode it with Hex, URL, Base64 and FromChar encoding, respectively. Now lets pass this encoded string to Decodify: Boom! Thats what Decodify does. Supported...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2022/04/10 9:30 p.m.326 views

LDAP shell - AD ACL Abuse

This repository contains a small tool inherited from ldapshell https://github.com/SecureAuthCorp/impacket/blob/master/impacket/examples/ldapshell.py. Installation These tools are only compatible with Python 3.5+. Clone the repository from GitHub, install the dependencies and you should be good to...

7.3AI score
Exploits0References4
Kitploit
Kitploit
added 2020/10/01 8:30 p.m.326 views

Powerglot - Encodes Offensive Powershell Scripts Using Polyglots

Powerglot encodes several kind of scripts using polyglots, for example, offensive powershell scripts. It is not needed a loader to run the payload. In red-team exercises or offensive tasks, masking of payloads is usually done by using steganography, especially to avoid network level protections,...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2012/12/29 7:35 p.m.325 views

Bugtraq-II Beta 32 bits Release

Features Bugtraq system offers the most comprehensive distribution, optimal, and stable with automated services manager in real time. This distribution based on the 3.2 and 3.4 kernel PAE has a huge range of penetration, forensic and laboratory tools. Bugtraq is available with XFCE, Gnome and KDE...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2019/03/15 11:38 a.m.324 views

Arjun v1.3 - HTTP Parameter Discovery Suite

Features Multi-threading 4 modes of detection A typical scan takes 30 seconds Regex powered heuristic scanning Huge list of 25,980 parameter names Makes just 30-35 requests to the target Usage Note: Arjun doesn't work with python 3.4 Discover parameters To find GET parameters, you can simply do:...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2020/02/01 9:0 p.m.323 views

GDA Android Reversing Tool - A New Decompiler Written Entirely In C++, So It Does Not Rely On The Java Platform, Which Is Succinct, Portable And Fast, And Supports APK, DEX, ODEX, Oat

Here, a new Dalvik bytecode decompiler, GDA(this project started in 2013 and released its first version 1.0 in 2015 at www.gda.com: 9090 , is proposed and implemented in C++ to provide more sophisticated, fast and convenient decompilation support. GDA is completely self-independent and very stabl...

7.4AI score
Exploits0References4
Kitploit
Kitploit
added 2021/09/20 11:30 a.m.322 views

PS2EXE - Module To Compile Powershell Scripts To Executables

Overworking of the great script of Ingo Karstein with GUI support. The GUI output and input is activated with one switch, real windows executables are generated. With Powershell 5.x support and graphical front end. Module version. You find the script based version here...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2020/06/24 9:30 p.m.322 views

Sifter 7.4 - OSINT, Recon & Vulnerability Scanner

Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within microsft and if unpatched, exploit...

7.8CVSS8.6AI score0.07667EPSS
Exploits5References7
Kitploit
Kitploit
added 2019/08/01 9:33 p.m.322 views

XSpear - Powerfull XSS Scanning And Parameter Analysis Tool

XSpear is XSS Scanner on ruby gems. Key features Pattern matching based XSS scanning Detect alert confirm prompt event on headless browser with Selenium Testing request/response for XSS protection bypass and reflected params Reflected Params Filtered test event handler HTML tag Special Char Testi...

6.8AI score
Exploits0References2
Kitploit
Kitploit
added 2019/07/12 10:13 p.m.322 views

Objection v1.6.6 - Runtime Mobile Exploration

objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device. Note: This is not some form of jailbreak / root bypass. By using objection, yo...

7.1AI score
Exploits0References3
Kitploit
Kitploit
added 2016/03/18 10:31 p.m.322 views

CTF-Tools - Some setup scripts for security research tools

This is a collection of setup scripts to create an install of various security research tools. Of course, this isn't a hard problem, but it's really nice to have them in one place that's easily deployable to new machines and so forth. Installers for the following tools are included: Category | To...

8.5AI score
Exploits0References36
Kitploit
Kitploit
added 2021/08/12 9:30 p.m.320 views

Http-Request-Smuggling - HTTP Request Smuggling Detection Tool

HTTP request smuggling is a high severity vulnerability which is a technique where an attacker smuggles an ambiguous HTTP request to bypass security controls and gain unauthorized access to performs malicious activities, the vulnerability was discovered back in 2005 by watchfire and later in Augu...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2019/03/17 12:41 p.m.319 views

Metaforge - An OSINT Metadata Analyzing Tool That Filters Through Tags And Creates Reports

AnOSINT tool that analyzes metadata and creates dynamic reports" What is "metadata"? To put it simply, metadata is just information about data. The information comes from the tags that capture valuable information about each specific file. Each file has can have many different tags of data that c...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2017/11/12 9:27 p.m.319 views

fatcat - FAT Filesystems Explore, Extract, Repair, And Forensic Tool

This tool is designed to manipulate FAT filesystems, in order to explore, extract, repair, recover and forensic them. It currently supports FAT12, FAT16 and FAT32. Tutorials & examples Building and installing You can build fatcat this way: mkdir build cd build cmake .. make And then install it:...

8.9AI score
Exploits0References7
Kitploit
Kitploit
added 2014/10/09 1:43 a.m.319 views

OWASP Xenotix XSS Exploit Framework 6

OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting XSS vulnerability detection and exploitation framework. Xenotix provides Zero False Positive XSS Detection by performing the Scan within the browser engines where in real world, payloads get reflected. Xenotix Scanner Module ...

5.7AI score
Exploits0
Kitploit
Kitploit
added 2019/08/31 1:0 p.m.318 views

0xsp Mongoose v1.7 - Linux/Windows Privilege Escalation intelligent Enumeration Toolkit

Using 0xsp mongoose you will be able to scan targeted operating system for any possible way for privilege escalation attacks, starting from collecting information stage until reporting information through 0xsp Web Application API. user will be able to scan different Linux / windows Operation...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2022/04/17 12:30 p.m.317 views

OWASP Coraza WAF - A Golang Modsecurity Compatible Web Application Firewall Library

Welcome to OWASP Coraza Web Application Firewall, OWASP Coraza is a golang enterprise-grade Web Application Firewall framework that supports Modsecurity's seclang language and is 100% compatible with OWASP Core Ruleset. Prerequisites Linux distribution Debian and Centos are recommended, Windows i...

7.4AI score
Exploits0References9
Kitploit
Kitploit
added 2019/04/09 1:26 p.m.317 views

DefectDojo v1.5.4 - Application Vulnerability Correlation And Security Orchestration Application

DefectDojo is a security program and vulnerability management tool. DefectDojo allows you to manage your application security program, maintain product and application information, schedule scans, triage vulnerabilities and push findings into defect trackers. Consolidate your findings into one...

7.5AI score
Exploits0References5
Kitploit
Kitploit
added 2018/12/11 8:43 p.m.317 views

Dawnscanner - Dawn Is A Static Analysis Security Scanner For Ruby Written Web Applications (Sinatra, Padrino And ROR Frameworks)

dawnscanner is a source code scanner designed to review your ruby code for security issues. dawnscanner is able to scan plain ruby scripts e.g. command line applications but all its features are unleashed when dealing with web applications source code. dawnscanner is able to scan major MVC Model...

7.5CVSS8.3AI score0.99449EPSS
Exploits23References7
Total number of security vulnerabilities5000