Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2018/08/06 4:48 p.m.26 views

AutoSploit v2.2 - Automated Mass Exploiter

As the name might suggest AutoSploit attempts to automate the exploitation of remote hosts. Targets can be collected automatically through Shodan, Censys or Zoomeye. But options to add your custom targets and host lists have been included as well. The available Metasploit modules have been select...

7.9AI score
Exploits0References16
Kitploit
Kitploit
added 2018/07/26 9:56 p.m.26 views

FF Password Exporter - Easily Export Your Passwords From Firefox

It can be difficult to export your passwords from Firefox. Since version 57 of Firefox Quantum existing password export addons no longer work. Mozilla provides no other official alternatives. FF Password Exporter makes it quick and easy to export all of your passwords from Firefox. You can use FF...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2018/07/16 9:53 p.m.26 views

LogonTracer - Investigate Malicious Windows Logon By Visualizing And Analyzing Windows Event Log

Investigate malicious logon by visualizing and analyzing Windows active directory event logs. Concept LogonTracer associates a host name or an IP address and account name found in logon-related events and displays it as a graph. This way, it is possible to see in which account login attempt occur...

7.3AI score
Exploits0References5
Kitploit
Kitploit
added 2018/07/07 10:41 p.m.26 views

Intrigue-Core - Discover Your Attack Surface

Intrigue-core is a framework for automated attack surface discovery. There are a number of use cases: Application and Infrastructure Asset Discovery Security Research and Vulnerability Discovery Malware Campaign Research & Indicator Enrichment Exploratory OSINT Research If you'd like assistance...

7AI score
Exploits0References4
Kitploit
Kitploit
added 2018/05/25 2:12 p.m.26 views

Sn1per v4.4 - Automated Pentest Recon Scanner

Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. DEMO VIDEO: FEATURES: Automatically collects basic recon ie. whois, ping, DNS, etc. Automatically launches Google hacking queries against a target domain Automatically enumerates...

7.2AI score
Exploits0References3
Kitploit
Kitploit
added 2018/05/16 2:37 p.m.26 views

DNSBin - Tool To Test Data Exfiltration Through DNS (RCE and XXE)

DNSBin is a simple tool to test data exfiltration through DNS and help test vulnerability like RCE or XXE when the environment has significant constraint. The project is in two parts, the first one is the web server and it's component. It offers a basic web UI, for most cases you won't need more...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2018/05/06 1:36 p.m.26 views

Kurukshetra - A Framework For Teaching Secure Coding By Means Of Interactive Problem Solving

Kurukshetra is a web framework that’s developed with the aim of being the first open source framework which provides a solid foundation to host reasonably complex secure coding challenges while still providing the ability to efficiently and dynamically execute each challenge on the basis of user...

7.6AI score
Exploits0References2
Kitploit
Kitploit
added 2018/03/28 12:51 p.m.26 views

WhoAmIMailBot - A Service To Mask Your Email

What is it? A service to mask your e-mails, it was inspired by Blur service, where you create a alias for your e-mail, and use it to signup on applications, but the problem on Blur, is that all e-mails pass trough they infraestructure, and I don't need anybody looking on my e-mails, to solve that...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2018/03/22 8:39 p.m.26 views

CLOUDKiLL3R - Bypasses Cloudflare Protection Service Via TOR Browser

CLOUDKiLL3R bypasses Cloudflare protection service via TOR Browser ! CLOUDKiLL3R Requirements : TOR Browser to scan as many sites as you want : Python Compiler CLOUDKiLL3R Installation ? Make sure that TOR Browser is up and running while working with CLOUDKiLL3R . Make sure that the IP AND PORT a...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2018/03/09 1:10 p.m.26 views

Rop-Tool - A Tool To Help You Write Binary Exploits

A tool to help you writing binary exploits OPTIONS rop-tool v2.4.1 Help you to make binary exploits. Usage: rop-tool OPTIONS Commands : gadget Search gadgets patch Patch the binary info Print info about binary heap Display heap structure disassemble Disassemble the binary search Search on binary...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2018/02/10 1:17 p.m.26 views

LuLu - macOS Firewall That Aims To Block Unauthorized (Outgoing) Network Traffic

LuLu is the free open-source macOS firewall that aims to block unauthorized outgoing network traffic, unless explicitly approved by the user: Full details and usage instructions can be found here. It's also important to understand LuLu's limitations! Some of these will be addressed as the softwar...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2018/01/28 9:30 p.m.26 views

DEScrypt-CPU-Collision-Cracker - DEScrypt CPU Collision Cracker

A linux based high performance DEScrypt CPU cracker written in c++, it deduces the salt and uses a password list to crack hashes. Why not use a rainbow table? DEScrypt uses by default a two byte saltcomprised of characters a-zA-Z0-9./ 1 which would mean that you would need to produce roughly 65,5...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2018/01/21 9:11 p.m.26 views

Ketshash - A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs

A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs. The tool was published as part of the "Pass-The-Hash detection" research - more details on "Pass-The-Hash detection" are in the blog post:...

7AI score
Exploits0References2
Kitploit
Kitploit
added 2018/01/08 8:32 p.m.26 views

Wapiti 3.0.0 - The Web-Application Vulnerability Scanner

Wapiti allows you to audit the security of your websites or web applications. It performs "black-box" scans it does not study the source code of the web application by crawling the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets the list of...

7.8AI score
Exploits0
Kitploit
Kitploit
added 2017/12/14 1:13 p.m.26 views

dirsearch v0.3.8 - Brute Force Directories and Files in Websites

dirsearch is a simple command line tool designed to brute force directories and files in websites. Operating Systems supported Windows XP/7/8/10 GNU/Linux MacOSX Features Multithreaded Keep alive connections Support for multiple extensions -e|--extensions asp,php Reporting plain text, JSON...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2017/10/12 9:27 p.m.26 views

Cameradar v2.0 - Hack into RTSP CCTV cameras

An RTSP stream access tool that comes with its library. Cameradar allows you to Detect open RTSP hosts on any accessible target host Detect which device model is streaming Launch automated dictionary attacks to get their stream route e.g.: /live.sdp Launch automated dictionary attacks to get the...

7.2AI score
Exploits0References4
Kitploit
Kitploit
added 2017/10/12 1:14 p.m.26 views

FLOSS - FireEye Labs Obfuscated String Solver (Automatically extract obfuscated strings from malware)

Rather than heavily protecting backdoors with hardcore packers, many malware authors evade heuristic detections by obfuscating only key portions of an executable. Often, these portions are strings and resources used to configure domains, files, and other artifacts of an infection. These key...

7.2AI score
Exploits0References6
Kitploit
Kitploit
added 2017/09/28 1:10 p.m.26 views

CrackMapExec v3.1.5 - A Swiss Army Knife For Pentesting Networks

CrackMapExec a.k.a CME is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of "Living off the Land": abusing built-in Active Directory features/protocols to achieve it's functionality and...

7.3AI score
Exploits0References15
Kitploit
Kitploit
added 2017/09/23 9:53 p.m.26 views

TCPCopy - A TCP Stream Replay Tool

TCPCopy is a TCP stream replay tool to support real testing of Internet server applications. Description Although the real live flow is important for the test of Internet server applications, it is hard to simulate it as online environments are too complex. To support more realistic testing of...

7.7AI score
Exploits0References4
Kitploit
Kitploit
added 2017/09/07 9:0 p.m.26 views

XFLTReaT - Tunnelling Framework

This is just one thing of many things that was missing from the Internet. If you got tired of trying several tunnelling tools for each protocols, this must be your tool framework. Available modules TCP UDP ICMP SOCKS v4, 4a, 5 HTTP CONNECT DNS A/CNAME, PRIVATE, NULL - Proof of Concept Available...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2017/09/03 2:30 p.m.26 views

D0xk1t - Web-based OSINT and Active Reconaissance Suite

Active reconnaissance, information gathering and OSINT built in a portable web application. 1.0 Introduction 1. What is this? D0xk1t is an open-source , self-hosted and easy to use OSINT and active reconnaissance web application for penetration testers. Based off of the prior command-line script,...

6.8AI score
Exploits0References1
Kitploit
Kitploit
added 2017/07/27 11:12 p.m.26 views

Twiga - A Tool That Enumerates Android Devices For Information Useful In Understanding Its Internals And For Exploit Development

A tool that enumerates Android devices for information useful in understanding its internals and for exploit development. It supports android 4.2 to android 7.1.1 Requirements The most current ADB must be in your path and fully functional The report name must not have any whitespace Limitations...

7.1AI score
Exploits0References3
Kitploit
Kitploit
added 2017/07/26 9:37 p.m.26 views

ASTo - An IoT Network Security Analysis Tool and Visualizer

ASTo is security analysis tool for IoT networks. It is developed to support the Apparatus security framework. ASTo is based on electron and cytoscape.js. The icons are provided by Google's Material Design. The application is still in prototyping stage, which means a lot of functionality is being...

7.3AI score
Exploits0References5
Kitploit
Kitploit
added 2017/04/26 2:15 p.m.26 views

InfectPE - Inject Custom Code into PE File

Using this tool you can inject x-code/shellcode into PE file. InjectPE works only with 32-bit executable files. Why you need InjectPE? You can test your security products. Use in a phishing campaign. Learn how PE injection works. ...and so on. In the project, there is hardcoded x-code of...

7.6AI score
Exploits0References2
Kitploit
Kitploit
added 2017/04/22 2:40 p.m.26 views

DBShield - Database Firewall Written In Go

Protects your data by inspecting incoming queries from your application server and rejecting abnormal ones. How it works? For example, this is how web server normally interacts with database server: By adding DBShield in front of database server we can protect it against abnormal queries. To dete...

7.9AI score
Exploits0References5
Kitploit
Kitploit
added 2017/03/28 1:32 p.m.26 views

wuzz - Interactive CLI Tool for HTTP Inspection

Interactive cli tool for HTTP inspection Wuzz command line arguments are similar to cURL's arguments, so it can be used to inspect/modify requests copied from the browser's network inspector with the "copy as cURL" feature. Installation and usage $ go get github.com/asciimoo/wuzz $...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2017/03/11 2:23 p.m.26 views

cgPwn - Cyber Grand Pwnage Box

A lightweight VM for hardware hacking, RE fuzzing, symEx, exploiting etc and wargaming tasks. This is a Ubuntu VM tailored for hardware hacking, RE and Wargaming. Tools included Pwndbg Pwntools Binwalk Radare2 Capstone, Unicorn and Keystone Engines Qira Timeless Debugger AFL Valgrind , VGdb...

6.9AI score
Exploits0References2
Kitploit
Kitploit
added 2017/03/03 2:22 p.m.26 views

ansvif - An Advanced Fuzzing Framework Designed To Find Vulnerabilities In C/C++ Code.

ansvif, written primarily in C++, is designed to find code bugs by throwing garbage input at programs to see how they react. This is great for finding bugs, because not every type of input is always handled, and buffers are not always checked, etc. It also comes in handy when writing and protecti...

8.2AI score
Exploits0References1
Kitploit
Kitploit
added 2017/03/02 2:6 p.m.26 views

kimi - Script To Generate Malicious Debian Packages (Debian Trojans)

Script to generate malicious debian packages debain trojans. Kimi is name inspired from "Kimimaro" one of my favriote charater from anime called "Naruto". Kimi is a script which generates Malicious debian package for metasploit which consists of bash file. the bash file is deployed into...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2017/02/13 2:30 p.m.26 views

vsaudit - VOIP Security Audit Framework

This is an opensource tool to perform attacks to general voip services It allows to scans the whole network or single host to do the gathering phase, then it is able to search for most known vulnerabilities on the founds alive hosts and try to exploit them. Install dependencies To start using...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2016/11/05 2:13 p.m.26 views

OpenDoor - OWASP Directory Access Scanner

This application scans the site directories and find all possible ways to login, empty directories and entry points. Scans conducted in the dictionary that is included in this application. This software is written for informational purposes and is an open source product under the GPL license...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2016/11/03 2:30 p.m.26 views

Sniffles - Packet Capture Generator for IDS and Regular Expression Evaluation

Sniffles is a tool for creating packet captures that will test IDS that use fixed patterns or regular expressions for detecting suspicious behavior. Sniffles works very simply. It takes a set of regular expressions or rules and randomly chooses one regular expression or rule. It then generates...

6.8AI score
Exploits0References1
Kitploit
Kitploit
added 2016/10/22 2:30 p.m.26 views

BBQSQL - A Blind SQL Injection Exploitation Tool

Blind SQL injection can be a pain to exploit. When the available tools work they work well, but when they don't you have to write something custom. This is time-consuming and tedious. BBQSQL can help you address those issues. BBQSQL is a blind SQL injection framework written in Python. It is...

7.6AI score
Exploits0References2
Kitploit
Kitploit
added 2016/05/17 11:46 p.m.26 views

Netdata - Real-Time Performance Monitoring

netdata is a highly optimized Linux daemon providing real-time performance monitoring for Linux systems, Applications, SNMP devices, over the web ! It tries to visualize the truth of now , in its greatest detail , so that you can get insights of what is happening now and what just happened, on yo...

6.9AI score
Exploits0References7
Kitploit
Kitploit
added 2016/05/13 10:30 p.m.26 views

CJExploiter - Drag and Drop ClickJacking Exploit Development Assistance Tool

CJExploiter is drag and drop ClickJacking exploit development assistance tool. First open the "index.html" with your browser locally and enter target URL and click on "View Site". You can dynamically create your own inputs. Finally by click the "Exploit It" you can see the P0C. Summery...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2016/05/12 10:23 p.m.26 views

RSPET - Python Reverse Shell and Post Exploitation Tool

RSPET Reverse Shell and Post Exploitation Tool is a Python based reverse shell equipped with functionalities that assist in a post exploitation scenario. Features Remote Command Execution Trafic masking XORed insted of cleartext; for better results use port 4431 Built-in File/Binary transfer both...

8AI score
Exploits0References1
Kitploit
Kitploit
added 2016/03/23 10:30 p.m.26 views

Jsprime - A JavaScript Static Security Analysis Tool

Today, more and more developers are switching to JavaScript as their first choice of language. The reason is simple JavaScript has now been started to be accepted as the mainstream programming for applications, be it on the web or on the mobile; be it on client-side, be it on the server side...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2015/09/14 11:51 p.m.26 views

Pentoo 2015 - Security-Focused Livecd based on Gentoo

Pentoo is a Live CD and Live USB designed for penetration testing and security assessment. Based on Gentoo Linux, Pentoo is provided both as 32 and 64 bit installable livecd. Pentoo is also available as an overlay for an existing Gentoo installation. It features packet injection patched wifi...

7.5AI score
Exploits0
Kitploit
Kitploit
added 2015/09/08 9:45 p.m.26 views

Sn1per - Automated Pentest Recon Scanner

Sn1per is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Features Automatically collects basic recon ie. whois, ping, DNS, etc. Automatically launches Google hacking queries against a target domain Automatically enumerates open ports...

7.3AI score
Exploits0References2
Kitploit
Kitploit
added 2015/07/28 5:23 p.m.26 views

BWA - OWASP Broken Web Applications Project

A collection of vulnerable web applications that is distributed on a Virtual Machine. Description The Broken Web Applications BWA Project produces a Virtual Machine running a variety of applications with known vulnerabilities for those interested in: learning about web application security testin...

7.6AI score
Exploits0
Kitploit
Kitploit
added 2015/07/10 3:13 a.m.26 views

Q-shell - Quick Shell for Unix Administrator

q-shell is quick shell for remote login into Unix system, it use blowfish crypt algorithm to protect transport data from client to server, you can get two program: 'qsh' for client, and 'qshd' for server, those program can rename by any name with you prefer. Compile Just enter 'make' and it will...

7.7AI score
Exploits0References1
Kitploit
Kitploit
added 2015/06/18 5:7 p.m.26 views

Security CheatSheets - A collection of cheatsheets for various infosec tools and topics

These security cheatsheets are part of a project for the Ethical Hacking and Penetration Testing course offered at the University of Florida. Expanding on the default set of cheatsheets, the purpose of these cheatsheets are to aid penetration testers/CTF participants/security enthusiasts in...

7.6AI score
Exploits0References1
Kitploit
Kitploit
added 2015/05/22 11:6 p.m.26 views

FTPMap - FTP scanner in C

Ftpmap scans remote FTP servers to indentify what software and what versions they are running. It uses program-specific fingerprints to discover the name of the software even when banners have been changed or removed, or when some features have been disabled. also FTP-Map can detect Vulnerables b...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2015/04/20 8:25 p.m.26 views

Rekall - The Most Complete Memory Analysis Framework

The Rekall Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory RAM samples. The extraction techniques are performed completely independent of the system being investigated but...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2015/02/04 4:30 p.m.26 views

SUMo - Software Update Monitor

SUMo S oftware U pdate Mo nitor keeps your PC up-to-date & safe by using the most recent version of your favorite software ! Unlike built-in auto update features, SUMo tells you if updates are available before you need to use your software. Features Automatic detection of installed software Detec...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2015/01/21 8:0 p.m.26 views

Grinder - System to Automate the Fuzzing of Web Browsers

Grinder is a system to automate the fuzzing of web browsers and the management of a large number of crashes. Grinder Nodes provide an automated way to fuzz a browser, and generate useful crash information such as call stacks with symbol information as well as logging information which can be used...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2014/12/01 10:18 p.m.26 views

Samurai Web Testing Framework 3.0 - LiveCD Web Pen-testing Environment

The Samurai project team is happy to announce the release of a development version of the Samurai Web Testing Framework. This release is currently a fully functional linux environment that has a number of the tools pre-installed. Our hope is that people who are interested in making this the best...

7AI score
Exploits0
Kitploit
Kitploit
added 2014/11/05 12:25 a.m.26 views

Asterisk Password Spy v3.1 - Windows Asterisk Password Recovery Tool

Asterisk Password Spy is the FREE tool to instantly reveal the hidden password behind asterisks . It's user friendly interface can help you to easily find the passwords from any Windows based application.You can simply drag the 'search icon' to any password box to find the real password hidden by...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2014/08/26 12:49 a.m.26 views

WiFi software Acrylic WiFi Free v2.0 - Real-time WLAN information and network analysis

New Acrylic WiFi software update. WiFi software for network analysis has gone through many changes since the first free version and finally reaches version v2.0 with more power than ever and long awaited features for network and channel analysis under Windows and with any wireless card. Acrylic...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2014/08/14 12:47 a.m.26 views

ParanoiDF - PDF Analysis Suite: Password cracking, redaction recovery, DRM removal, malicious JavaScript extraction, and more

The swiss army knife of PDF Analysis Tools. Based on peepdf - http://peepdf.eternal-todo.com. Features Interactive Console: Type "help" to get a list of commands. Type "help command" to get a description/usage on specific command. crackpw This executes Nacho Barrientos Arias's PDFCrack tool by...

7.3AI score
Exploits0References1
Total number of security vulnerabilities5000