Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2018/02/21 1:30 p.m.28 views

Findsploit - Find Exploits In Local And Online Databases Instantly

Finsploit is a simple bash script to quickly and easily search both local and online exploit databases. This repository also includes "copysploit" to copy any exploit-db exploit to the current directory and "compilesploit" to automatically compile and run any C exploit ie. ./copysploit 1337.c &&...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2018/01/17 8:16 p.m.28 views

gOSINT - Open Source Intelligence Framework

gOSINT is a small OSINT framework in golang, it's actually in development and still not ready for production if you want, feel free to contribute! What gOSINT can do Find mails from git repository Find Dumps for mail address Search for mail address linked to domain/mail address in PGP keyring...

7.7AI score
Exploits0References1
Kitploit
Kitploit
added 2017/12/30 1:12 p.m.28 views

BlueMaho v090417 - Bluetooth Security Testing Suite

BlueMaho is GUI-shell interface for suite of tools for testing security of bluetooth devices. It is freeware, opensource, written on python, uses wxPyhon. It can be used for testing BT-devices for known vulnerabilities and major thing to do - testing to find unknown vulns. Also it can form nice...

7.8AI score
Exploits0
Kitploit
Kitploit
added 2017/12/25 9:12 p.m.28 views

GOSINT - Open Source Threat Intelligence Gathering and Processing Framework

The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise IOCs. GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence. Applying threat intelligence to security operations enriches...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2017/11/21 1:25 p.m.28 views

PortEx - Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness

PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. Features Reading header information from: MSDOS Header, COFF File Header,...

7AI score
Exploits0References4
Kitploit
Kitploit
added 2017/11/19 9:56 p.m.28 views

SimpleWall - Simple tool to configure Windows Filtering Platform (WFP)

Simple tool to configure Windows Filtering Platform WFP which can configure network activity on your computer. The lightweight application is less than a megabyte, and it is compatible with Windows Vista and higher operating systems. You can download either the installer or portable version. For...

7.1AI score
Exploits0References3
Kitploit
Kitploit
added 2017/10/06 1:30 p.m.28 views

TorWall - Transparent Tor for Windows

Tallow is a small program that redirects all outbound traffic from a Windows machine via the Tor anonymity network. Any traffic that cannot be handled by Tor, e.g. UDP, is blocked. Tallow also intercepts and handles DNS requests preventing potential leaks. Tallow has several applications,...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2017/10/05 1:35 p.m.28 views

Wifite 2 - A complete re-write of Wifite (Automated Wireless Attack Tool)

A complete re-write of wifite, a Python script for auditing wireless networks. What's new? Lots of files instead of "one big script". Cleaner process management -- No longer leaves processes running in the background. UX: Target access points are refreshed every second instead of every 5 seconds...

7.5AI score
Exploits0References2
Kitploit
Kitploit
added 2017/10/01 9:0 p.m.28 views

Ironsquirrel - Encrypted Exploit Delivery for the Masses

This project aims at delivering browser exploits to the victim browser in an encrypted fashion. Ellyptic-curve Diffie-Hellman secp256k1 is used for key agreement and AES is used for encryption. By delivering the exploit code and shellcode to the victim in an encrypted way, the attack can not be...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2017/09/30 9:0 p.m.28 views

CipherScan - Find out which SSL ciphersuites are supported by a target

Cipherscan tests the ordering of the SSL/TLS ciphers on a given target, for all major versions of SSL and TLS. It also extracts some certificates informations, TLS options, OCSP stapling and more. Cipherscan is a wrapper above the openssl sclient command line. Cipherscan is meant to run on all...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2017/09/20 2:0 p.m.28 views

dcrawl - Simple, But Smart, Multi-Threaded Web Crawler For Randomly Gathering Huge Lists Of Unique Domain Names

dcrawl is a simple, but smart, multi-threaded web crawler for randomly gathering huge lists of unique domain names. How it works? dcrawl takes one site URL as input and detects all links in the site's body. Each found link is put into the queue. Successively, each queued link is crawled in the sa...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2017/09/12 2:30 p.m.28 views

theZoo - A repository of LIVE malwares for your own joy and pleasure

theZoo is a project created to make the possibility of malware analysis open and available to the public. Since we have found out that almost all versions of malware are very hard to come by in a way which will allow analysis, we have decided to gather all of them for you in an accessible and saf...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2017/08/17 10:10 p.m.28 views

Algo VPN - Set up a personal IPSEC VPN in the cloud

Algo VPN is a set of Ansible scripts that simplify the setup of a personal IPSEC VPN. It uses the most secure defaults available, works with common cloud providers, and does not require client software on most devices. Features Supports only IKEv2 with strong crypto: AES-GCM, SHA2, and P-256...

7.1AI score
Exploits0References8
Kitploit
Kitploit
added 2017/08/16 10:12 p.m.28 views

SweetSecurity - Network Security Monitoring on Raspberry Pi type devices

Scripts to setup and install Bro IDS, Elasticsearch, Logstash, Kibana, and Critical Stack on any device. Getting Sweet Security Either download the Github repository manually, or clone the repo with the following command: $ git clone https://github.com/travisfsmith/sweetsecurity Prerequisites Mos...

7.6AI score
Exploits0References1
Kitploit
Kitploit
added 2017/08/11 3:8 p.m.28 views

LinEnum v0.6 - Scripted Local Linux Enumeration and Privilege Escalation Checks

LinEnum will automate many of the checks that I’ve documented in the Local Linux Enumeration & Privilege Escalation Cheatsheet. It’s a very basic shell script that performs over 65 checks, getting anything from kernel information to locating possible escalation points such as potentially useful...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2017/08/09 11:12 p.m.28 views

Plasma - An Interactive Disassembler for x86/ARM/MIPS

PLASMA is an interactive disassembler. It can generate a more readable assembly pseudo code with colored syntax. You can write scripts with the available Python api see an example below. The project is still in big development. wiki : TODO list and some documentation. It supports : architectures ...

7.2AI score
Exploits0References8
Kitploit
Kitploit
added 2017/07/16 2:12 p.m.28 views

CloudFail - Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

CloudFail is a tactical reconnaissance tool which aims to gather enough information about a target protected by CloudFlare in the hopes of discovering the location of the server. Using Tor to mask all requests, the tool as of right now has 3 different attack phases. 1. Misconfigured DNS scan usin...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2017/05/21 2:50 p.m.28 views

Airachnid Burp Extension - A Burp Extension to test applications for vulnerability to the Web Cache Deception attack

A Burp extension to test applications for vulnerability to the Web Cache Deception attack. Once the extension has been loaded, it can be accessed in the Target - Sitemap tab and right click on the resource that should be tested. A context sensitive menu item called "Airachnid Web Cache Test" will...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2017/01/12 2:28 p.m.28 views

Acunetix Release Web Site Security Pen Testing Tools Free

HTTP editor, fuzzer and sniffer tools help pen testers identify vulnerabilities London, UK – January 2016 – Hot on the release of Acunetix Version 11, pioneering web application security software Acunetix, now delivering Manual Pen Testing Tools at no cost. Penetration testers can make use of an...

8.8AI score
Exploits0
Kitploit
Kitploit
added 2016/11/25 1:48 p.m.28 views

F-Scrack - A Single File Bruteforcer Supports Multi-Protocol

F-Scrack is a single file bruteforcer supports multi-protocol, no extra library requires except python standard library, which is ideal for a quick test. Currently support protocol: FTP, MySQL, MSSQL,MongoDB,Redis,Telnet,Elasticsearch,PostgreSQL. Compatible with OSX, Linux, Windows, Python 2.6+...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2016/11/24 2:0 p.m.28 views

Metasploitable3 - An Intentionally Vulnerable Machine for Exploit Testing

Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities. It is intended to be used as a target for testing exploits with metasploit . Metasploitable3 is released under a BSD-style license. See COPYING for more details. Building Metasploitable 3...

7.1AI score
Exploits0References9
Kitploit
Kitploit
added 2016/10/11 9:27 p.m.28 views

PowerLurk - Malicious WMI Events using PowerShell

PowerLurk is a PowerShell toolset for building malicious WMI Event Subsriptions. The goal is to make WMI events easier to fire off during a penetration test or red team engagement. Please see my post Creeping on Users with WMI Events: Introducing PowerLurk for more detailed information:...

7AI score
Exploits0References2
Kitploit
Kitploit
added 2016/09/14 2:38 p.m.28 views

Cartero - Social Engineering Framework

A robust Phishing Framework with a full featured CLI interface. The project was born out necessity through of years of engagements with tools that just didn't do the job. Even though there are many projects out there, we were not able to find a suitable solution that gave us both easy of use and...

6.6AI score
Exploits0References1
Kitploit
Kitploit
added 2016/06/25 7:39 p.m.28 views

Whonix 13 - Anonymous Operating System

Whonix is a desktop operating system designed for advanced security and privacy. It realistically addresses attacks while maintaining usability. It makes online anonymity possible via fail-safe, automatic, and desktop-wide use of the Tor network. A heavily reconfigured Debian base is run inside...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2016/02/10 10:12 p.m.28 views

SideDoor - Debian/Ubuntu Backdoor Using A Reverse SSH Tunnel

sidedoor maintains a reverse tunnel to provide a backdoor. sidedoor can be used to remotely control a device behind a NAT. sidedoor is packaged for Debian-based systems with systemd or upstart. It has been used on Debian 8 jessie and Ubuntu 14.04 LTS trusty. The sidedoor user has full root access...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2015/12/14 10:17 p.m.28 views

Flashlight - Automated Information Gathering Tool for Penetration Testers

Pentesters spend too much time during information gathering phase. Flashlight Fener provides services to scan network/ports and gather information rapidly on target networks. So Flashlight should be the choice to automate discovery step during a penetration test. In this article, usage of Flashli...

6.9AI score
Exploits0References3
Kitploit
Kitploit
added 2015/12/03 9:35 p.m.28 views

SpiderFoot v2.6.1 - Open Source Intelligence Automation

SpiderFoot is an open source intelligence automation tool. Its goal is to automate the process of gathering intelligence about a given target. Purpose There are three main areas where SpiderFoot can be useful: 1. If you are a pen-tester, SpiderFoot will automate the reconnaisance stage of the tes...

6.7AI score
Exploits0
Kitploit
Kitploit
added 2015/11/03 9:52 p.m.28 views

Security Onion - Linux Distro For Intrusion Detection, Network Security Monitoring, And Log Management

Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It's based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2015/09/29 9:33 p.m.28 views

Pupy - Multi-Platform Remote Administration Tool

Pupy is an opensource, multi-platform Remote Administration Tool written in Python. On Windows, Pupy uses reflective dll injection and leaves no traces on disk. Features : On windows, the Pupy payload is compiled as a reflective DLL and the whole python interpreter is loaded from memory. Pupy doe...

8.2AI score
Exploits0References2
Kitploit
Kitploit
added 2015/09/28 9:28 p.m.28 views

Windows Spy Keylogger - Software to Log Keystrokes in Stealth Mode for 32-bit/64-bit processes on Windows XP/Vista/7/8/10

Windows Spy Keylogger is the free software to help you covertly monitor all activities on your computer. It intercepts everything that is typed on keyboard and stores into one log file which you can view it anytime later. You can track logins , passwords , emails , chats and all other secret thin...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2015/09/10 6:47 p.m.28 views

ZAP 2.4.2 - Penetration Testing Tool for Testing Web Applications

The Zed Attack Proxy ZAP is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testin...

7.6AI score
Exploits0References1
Kitploit
Kitploit
added 2015/09/09 8:43 p.m.28 views

Wfuzz - The Web Application Bruteforcer

Wfuzz is a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked directories, servlets, scripts, etc, bruteforce GET and POST parameters for checking different kind of injections SQL, XSS, LDAP,etc, bruteforce Forms parameters User/Password, Fuzzing,etc...

7.7AI score
Exploits0References1
Kitploit
Kitploit
added 2015/08/05 1:30 p.m.28 views

Netsparker Cloud - Online Web Application Security Scanner

Netsparker Cloud is an online web application security scanner built around the advanced scanning technology of Netsparker Web Application Security Scanner; the only false positive free automated desktop based web vulnerability scanner. Benefit from the Cloud AFFORDABLE AND MAINTENANCE FREE WEB...

7.6AI score
Exploits0
Kitploit
Kitploit
added 2015/07/24 7:33 p.m.28 views

BackBox Linux 4.3 - Ubuntu-based Linux Distribution Penetration Test and Security Assessment

BackBox is a Linux distribution based on Ubuntu. It has been developed to perform penetration tests and security assessments. Designed to be fast, easy to use and provide a minimal yet complete desktop environment, thanks to its own software repositories, always being updated to the latest stable...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2015/07/20 9:19 p.m.28 views

KeyBox - A web-based SSH console that centrally manages administrative access to systems

KeyBox is a web-based SSH console that centrally manages administrative access to systems. Web-based administration is combined with management and distribution of user's public SSH keys. Key management and administration is based on profiles assigned to defined users. Administrators can login...

7.7AI score
Exploits0References3
Kitploit
Kitploit
added 2015/07/02 8:32 p.m.28 views

Nikto2 - Web Server Scanner

Nikto is an Open Source GPL web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks...

8.6AI score
Exploits0References1
Kitploit
Kitploit
added 2015/05/21 7:30 p.m.28 views

ShellCheck - Automatically Detects Problems with sh/bash Scripts and Commands

ShellCheck is a static analysis and linting tool for sh/bash scripts. It's mainly focused on handling typical beginner and intermediate level syntax errors and pitfalls where the shell just gives a cryptic error message or strange behavior, but it also reports on a few more advanced issues where...

7.6AI score
Exploits0References1
Kitploit
Kitploit
added 2015/05/05 10:30 p.m.28 views

Password Cracking Suite

How To Use It: git clone https://github.com/TecnoHack/Password-Cracking-Suite.git chmod +x csuit.py ./csuit.py Dics Path: In this path, you can add any dictionary you would like to use. Tools Path: In this path, the script will install 3rd party tools. You can download some here:...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2015/03/11 3:30 p.m.28 views

XSSYA v2.0 - Cross Site Scripting Scanner & Vulnerability Confirmation

XSSYA Cross Site Scripting Scanner & Vulnerability Confirmation written in python scripting language confirm the XSS Vulnerability in two method first work by execute the payload encoded to bypass Web Application Firewall which is the first method request and responseif it respond 200 it turn...

6.2AI score
Exploits0References1
Kitploit
Kitploit
added 2014/12/16 1:35 a.m.28 views

Windows Password Kracker - Free Windows Password Recovery Software

Windows Password Kracker is a free software to recover the lost or forgotten Windows password. It can quickly recover the original windows password from either LM LAN Manager or NTLM NT LAN Manager Hash. Windows encrypts the login password using LM or NTLM hash algorithm. Since these are one way...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2014/12/01 8:33 p.m.28 views

Isowall - A mini-firewall that completely isolates a target device from the local network

This is a mini-firewall that completely isolates a target device from the local network. This is for allowing infected machines Internet access, but without endangering the local network. Building This project depends upon libpcap, and of course a C compiler. On Debian, the following should work:...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2014/09/22 10:49 p.m.28 views

FBHT v3.0 - Facebook Hacking Tool (Like flood, Note DDoS attack, FBFriendlyLogout, more...)

FBHTFacebook Hacking Tool is an open-source tool written in Python that exploits multiple vulnerabilities on the Facebook platform The tool provides: 1 Create accounts 2 Delete all accounts for a given user 3 Send friendship requests Test Accounts 4 Accept friendship requests Test Accounts 5...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2014/09/22 10:23 p.m.28 views

NetHogs - Small 'net top' tool

NetHogs is a small 'net top' tool. Instead of breaking the traffic down per protocol or per subnet, like most tools do, it groups bandwidth by process. NetHogs does not rely on a special kernel module to be loaded. If there's suddenly a lot of network traffic, you can fire up NetHogs and...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2014/08/14 12:56 a.m.28 views

Netsparker v3.5.5 - Web Application Security Scanner

Netsparker Web Application Security Scanner can find and report web application vulnerabilities such as SQL Injection and Cross-site Scripting XSS and security issues on all web applications and websites regardless of the platform and the technology they are built on. Netsparker is very easy to u...

6.9AI score
Exploits0
Kitploit
Kitploit
added 2014/07/23 1:44 a.m.28 views

Inxi - A newer, better system information script for irc, administration, and system troubleshooters

A newer, better system information script for irc, administration, and system troubleshooters. Inxi Options Inxi has a wide range of options and custom triggers, along with useful defaults like -b or -F. Plain inxi, no options, prints a single line of basic system information. Here is a screensho...

6.8AI score
Exploits0
Kitploit
Kitploit
added 2014/07/20 11:22 p.m.28 views

NoVirusThanks File Governor - Unlock locked files and folders

NoVirusThanks File Governor is an advanced program which allows for files and folders within the system to be unlocked so that normal file I/O operations can be completed when normally they would not be able to be due to operating system restrictions for files currently in use. Once a file or...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2014/07/15 3:3 a.m.28 views

Dirs3arch - HTTP(S) Directory/File Brute Forcer

dirs3arch is a simple command line tool designed to brute force directories and files in websites. Features Keep alive connections Multithreaded Detect not found web pages when 404 not found errors are masked .htaccess, web.config, etc. Recursive brute forcing Usage: dirs3arch.py -u|--url target...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2014/06/14 8:43 p.m.28 views

Hooker - Automated Dynamic Analysis of Android Applications

Hooker is an opensource project for dynamic analysis of Android applications. This project provides various tools and applications that can be use to automaticaly intercept and modify any API calls made by a targeted application. It leverages Android Substrate framework to intercept these calls a...

6.8AI score
Exploits0References2
Kitploit
Kitploit
added 2014/04/30 2:2 a.m.28 views

BluetoothLogView - Creates a log of Bluetooth devices activity around you

BluetoothLogView is a small utility that monitors the activity of Bluetooth devices around you, and displays a log of Bluetooth devices on the main window. Every time that a new Bluetooth device arrives to your area and when the device leaves your area, a new log line is added with the following...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2014/03/20 7:52 p.m.28 views

[SSLsplit] Transparent and scalable SSL/TLS interception

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original...

9.5AI score
Exploits0References1
Total number of security vulnerabilities5000