Lucene search
K
KitploitMost viewed

6011 matches found

Kitploit
Kitploit
added 2014/08/26 12:49 a.m.26 views

WiFi software Acrylic WiFi Free v2.0 - Real-time WLAN information and network analysis

New Acrylic WiFi software update. WiFi software for network analysis has gone through many changes since the first free version and finally reaches version v2.0 with more power than ever and long awaited features for network and channel analysis under Windows and with any wireless card. Acrylic...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2014/08/14 12:47 a.m.26 views

ParanoiDF - PDF Analysis Suite: Password cracking, redaction recovery, DRM removal, malicious JavaScript extraction, and more

The swiss army knife of PDF Analysis Tools. Based on peepdf - http://peepdf.eternal-todo.com. Features Interactive Console: Type "help" to get a list of commands. Type "help command" to get a description/usage on specific command. crackpw This executes Nacho Barrientos Arias's PDFCrack tool by...

7.3AI score
Exploits0References1
Kitploit
Kitploit
added 2014/07/10 10:31 p.m.26 views

screenFetch - The Bash Screenshot Information Tool

screenFetch is a "Bash Screenshot Information Tool". This handy Bash script can be used to generate one of those nifty terminal theme information + ASCII distribution logos you see in everyone's screenshots nowadays. It will auto-detect your distribution and display an ASCII version of that...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2014/04/20 4:24 p.m.26 views

KisMAC - Free Sniffer/Scanner application for Mac OS X

KisMAC is an open-source and free sniffer/scanner application for Mac OS X. It has an advantage over MacStumbler / iStumbler / NetStumbler in that it uses monitor mode and passive scanning. KisMAC supports many third party USB devices: Intersil Prism2, Ralink rt2570, rt73, and Realtek rtl8187...

7AI score
Exploits0
Kitploit
Kitploit
added 2014/03/27 8:22 p.m.26 views

DNSQuerySniffer - DNS Queries Sniffer

DNSQuerySniffer is a network sniffer utility that shows the DNS queries sent on your system. For every DNS query, the following information is displayed: Host Name, Port Number, Query ID, Request Type A, AAAA, NS, MX, and so on, Request Time, Response Time, Duration, Response Code, Number of...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2014/03/25 12:30 a.m.26 views

[JRT] Junkware Removal Tool

Junkware Removal Tool is a security utility that searches for and removes common adware, toolbars, and potentially unwanted programs PUPs from your computer. A common tactics among freeware publishers is to offer their products for free, but bundle them with PUPs in order to earn revenue. This to...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2014/03/04 1:1 a.m.26 views

[Microsoft Network Monitor 3.4] Tool to allow capturing and protocol analysis of network traffic

Microsoft's Network Monitor is a tools that allow capturing and protocol analysis of network traffic. Network Monitor 3 is a protocol analyzer. It enables you to capture, to view, and to analyze network data. You can use it to help troubleshoot problems with applications on the network. This...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2014/02/28 1:11 a.m.26 views

[RouterPassView] Recover lost password from router backup file

Most modern routers allow you to backup the configuration of the router into a file, and then restore the configuration from the file when it's needed. The backup file of the router usually contains important data like your ISP user name/password, the login password of the router, and wireless...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2014/02/23 9:16 p.m.26 views

[FacebookPasswordDump v2.0] Command-line Tool to Recover Facebook Password from Browsers and Messengers

Facebook Password Dump is the command-line tool to instantly recover your lost Facebook password from popular web browsers and messengers. Currently it can recover your Facebook password from following applications, Firefox Internet Explorer v6.x - v10.x Google Chrome Chrome Canary/SXS CoolNovo...

6.7AI score
Exploits0
Kitploit
Kitploit
added 2014/02/14 10:37 p.m.26 views

[Charles] Web Debugging Proxy Application

Charles is a web proxy HTTP Proxy / HTTP Monitor that runs on your own computer. Your web browser or any other Internet application is then configured to access the Internet through Charles, and Charles is then able to record and display for you all of the data that is sent and received. In Web a...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2014/02/03 4:20 p.m.26 views

[OpenSSH 6.5] FREE version of the SSH Connectivity Tools

OpenSSH is a FREE version of the SSH connectivity tools that technical users of the Internet rely on. Users of telnet, rlogin, and ftp may not realize that their password is transmitted across the Internet unencrypted, but it is. OpenSSH encrypts all traffic including passwords to effectively...

7.9AI score
Exploits0
Kitploit
Kitploit
added 2013/12/23 3:46 p.m.26 views

[evasi0n7] iOS 7.x Jailbreak

Evasi0n Jailbreaking tools available for Apple iOS 7 users. This jailbreak utility/tool made by Evad3rs team after 3 months of iOS 7 launched. evasi0n is available for Mac and Windows, and is untethered. Here are the requirements posted on the evasi0n website: A computer, running Windows XP...

6.8AI score
Exploits0
Kitploit
Kitploit
added 2013/10/12 5:12 p.m.26 views

[LinEnum v0.2] Automating local information gathering tasks on Linux hosts

LinEnum is a shell script that automates local information gathering tasks on Linux hosts.Over 65 checks are performed, obtaining anything from kernel information to locating possible escalation points such as potentially useful SUID/GUID files and Sudo/rhost mis-configurations etc. Additionally,...

6.8AI score
Exploits0References1
Kitploit
Kitploit
added 2013/09/13 2:23 p.m.26 views

[SpearPhisher] A Simple Phishing Email Generation Tool

SpearPhisher is a simple point and click Windows GUI tool designed for mostly non-technical people who would like to supplement the education and awareness aspect of their information security program. Not only is it useful to non-technical folks, penetration testers may find it handy for sending...

6.4AI score
Exploits0
Kitploit
Kitploit
added 2013/08/21 12:47 a.m.26 views

[Tunna Framework] Tool designed to bypass firewall restrictions on remote webservers

Tunna is a set of tools which will wrap and tunnel any TCP communication over HTTP. It can be used to bypass network restrictions in fully firewalled environments. The web application file must be uploaded on the remote server. It will be used to make a local connection with services running on t...

7.5AI score
Exploits0
Kitploit
Kitploit
added 2013/07/17 11:1 p.m.26 views

[MAC Address Scanner] Desktop Tool to Find MAC address of Remote Computers on Local Network

MAC Address Scanner is the free desktop tool to remotely scan and find MAC Address of all systems on your local network. It allows you to scan either a single host or range of hosts at a time. During the scan, it displays the current status for each host. After the completion, you can generate...

7AI score
Exploits0
Kitploit
Kitploit
added 2013/06/12 4:2 p.m.26 views

[OWASP Bricks] Modular Deliberately Vulnerable Web Application

Bricks is a deliberately vulnerable web application built on PHP and MySQL. The project focuses on variations of commonly seen application security vulnerabilities and exploits. Each 'brick' has some sort of vulnerability which can be exploited using tools Mantra and ZAP. The mission is to 'break...

7.6AI score
Exploits0
Kitploit
Kitploit
added 2013/05/29 12:11 a.m.26 views

[SET v5.1] The Social-Engineer Toolkit codename “Name of the Doctor”

The Social-Engineer Toolkit SET version 5.1 codename “ Name of the Doctor ” has been released. This version adds a complete rewrite of the MSSQL Bruter as well as a new attack vector utilizing the PSExec functionality within Metasploit. The MSSQL Bruter now incorporates UDP port 1434 quick...

8.6AI score
Exploits0
Kitploit
Kitploit
added 2013/04/21 2:59 a.m.26 views

[Open SCAP v0.9.5] Support of SCE - Script Check Engine

SCAP is a line of standards managed by NIST. It was created to provide a standardized approach to maintaining the security of enterprise systems, such as automatically verifying the presence of patches, checking system security configuration settings, and examining systems for signs of compromise...

6.6AI score
Exploits0
Kitploit
Kitploit
added 2012/12/24 3:27 a.m.26 views

[Hydra v 7.4] Fast Network cracker

One of the biggest security holes are passwords, as every password security study shows. A very fast network logon cracker which support many different services, THC-Hydra is now updated to 7.4 version. Hydra available for Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX, Currently supports...

7.6AI score
Exploits0
Kitploit
Kitploit
added 2012/12/22 6:50 p.m.26 views

[Scythe Framework] Harvest Profile Id And Email

In this video i will show you how to use Scythe Framework for Harvesting a Email ID and other usernames from blogs, social-media, etc .. I personally like this tool because,online there's tons of tools available for Email ID harvesting but this one is great .... right now only supports two Mail...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2025/04/04 7:18 p.m.25 views

Docf-Sec-Check - DockF-Sec-Check Helps To Make Your Dockerfile Commands More Secure

DockF-Sec-Check helps to make your Dockerfile commands more secure. Done x First-level security notification in the Dockerfile TODO List Correctly detect the Dockerfile. Second-level security notification in the Dockerfile. Security notification in Docker images. Private Repository Installation...

7.5AI score
Exploits0References3
Kitploit
Kitploit
added 2024/03/10 11:30 a.m.25 views

Some-Tweak-To-Hide-Jwt-Payload-Values - A Handful Of Tweaks And Ideas To Safeguard The JWT Payload

some-tweak-to-hide-jwt-payload-values a handful of tweaks and ideas to safeguard the JWT payload, making it futile to attempt decoding by constantly altering its value, ensuring the decoded output remains unintelligible while imposing minimal performance overhead. What is a JWT Token? A JSON Web...

7.7AI score
Exploits0References1
Kitploit
Kitploit
added 2024/02/28 11:30 a.m.25 views

CanaryTokenScanner - Script Designed To Proactively Identify Canary Tokens Within Microsoft Office Documents And Acrobat Reader PDF (docx, xlsx, pptx, pdf)

Detecting Canary Tokens and Suspicious URLs inMicrosoft Office, Acrobat Reader PDF and Zip Files Introduction In the dynamic realm of cybersecurity, vigilance and proactive defense are key. Malicious actors often leverage Microsoft Office files and Zip archives, embedding covert URLs or macros to...

7.1AI score
Exploits0References1
Kitploit
Kitploit
added 2023/09/08 11:30 a.m.25 views

Quick-Lookup-Ptrun - Quick Lookup Plugin For PowerToys Run (Wox)

This plugin for PowerToys Run allows you to quickly search for an IP address, domain name, hash or any other data points in a list of Cyber Security tools. It's perfect for security analysts, penetration testers, or anyone else who needs to quickly lookup information when investigating artifacts ...

7.1AI score
Exploits0References4
Kitploit
Kitploit
added 2023/08/31 12:30 p.m.25 views

Temcrypt - Evolutionary Encryption Framework Based On Scalable Complexity Over Time

The Next-gen Encryption Try temcrypt on the Web → temcrypt SDK Focused on protecting highly sensitive data, temcrypt is an advanced multi-layer data evolutionary encryption mechanism that offers scalable complexity over time, and is resistant to common brute force attacks. You can create your own...

6.8AI score
Exploits0References4
Kitploit
Kitploit
added 2023/08/13 12:30 p.m.25 views

NixImports - A .NET Malware Loader, Using API-Hashing To Evade Static Analysis

A .NET malware loader, using API-Hashing and dynamic invoking to evade static analysis How does it work? NixImports uses my managed API-Hashing implementation HInvoke, to dynamically resolve most of it's called functions at runtime. To resolve the functions HInvoke requires two hashes the typeHas...

7.5AI score
Exploits0References5
Kitploit
Kitploit
added 2023/07/06 12:30 p.m.25 views

SOC-Multitool - A Powerful And User-Friendly Browser Extension That Streamlines Investigations For Security Professionals

Introducing SOC Multi-tool, a free and open-source browser extension that makes investigations faster and more efficient. Now available on the Chrome Web Store and compatible with all Chromium-based browsers such as Microsoft Edge, Chrome, Brave, and Opera. Now available on Chrome Web Store!...

7.8AI score
Exploits0References2
Kitploit
Kitploit
added 2023/06/06 12:30 p.m.25 views

Kubestroyer - Kubernetes Exploitation Tool

Kubestroyer Kubestroyer aims to exploit Kubernetes clusters misconfigurations and be the swiss army knife of your Kubernetes pentests About The Project Kubestroyer is a Golang exploitation tool that aims to take advantage of Kubernetes clusters misconfigurations. The tool is scanning known...

7.4AI score
Exploits0References4
Kitploit
Kitploit
added 2023/04/01 11:30 a.m.25 views

Noseyparker - A Command-Line Program That Finds Secrets And Sensitive Information In Textual Data And Git History

Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data. It is useful both for offensive and defensive security testing. Key features: It supports scanning files, directories, and the entire history of Git repositories It uses regular expression matching...

7.1AI score
Exploits0References10
Kitploit
Kitploit
added 2022/11/25 11:30 a.m.25 views

SharpSCCM - A C# Utility For Interacting With SCCM

SharpSCCM is a post-exploitation tool designed to leverage Microsoft Endpoint Configuration Manager a.k.a. ConfigMgr, formerly SCCM for lateral movement and credential gathering without requiring access to the SCCM administration console GUI. SharpSCCM was initially created to execute user huntin...

7.7AI score
Exploits0References2
Kitploit
Kitploit
added 2022/10/02 11:30 a.m.25 views

Bayanay - Python Wardriving Tool

WarDriving is the act of navigating, on foot or by car, to discover wireless networks in the surrounding area. Features Wardriving is done by combining the SSID information obtained with scapy using the HTML5 geolocation feature. Usage I cannot be held responsible for the malicious use of the...

7AI score
Exploits0References3
Kitploit
Kitploit
added 2022/07/01 12:30 p.m.25 views

awsEnum - Enumerate AWS Cloud Resources Based On Provided Credential

Enumrate AWS services! with no nosies awsEnum is a python script enumrate AWS services through the provided credential. ▄▄▄▄▄▄ ▄ ▄ ▄▄▄▄▄▄▄ ▄▄▄▄▄▄▄ ▄▄ ▄ ▄▄ ▄▄ ▄▄ ▄▄ █ █ █ ▄ █ █ █ █ █ █ █ █ █ █ █▄█ █ █ ▄ █ ██ ██ █ ▄▄▄▄▄█ ▄▄▄█ █▄█ █ █ █ █ █ █ █▄█ █ █ █▄▄▄▄▄█ █▄▄▄█ █ █▄█ █ █ █ █ █▄▄▄▄▄ █ ▄▄▄█ ▄ █ █ █...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2022/06/21 12:30 p.m.25 views

Msprobe - Finding All Things On-Prem Microsoft For Password Spraying And Enumeration

Finding all things on-prem Microsoft for password spraying and enumeration. The tool will used a list of common subdomains associated with your target apex domain to attempt to discover valid instances of on-prem Microsoft solutions. Screenshots of the tool in action are below: Installing Install...

7.3AI score
Exploits0References6
Kitploit
Kitploit
added 2022/06/13 9:30 p.m.25 views

SharpEventPersist - Persistence By Writing/Reading Shellcode From Event Log

Persistence by writing/reading shellcode from Event Log. Usage The SharpEventPersist tool takes 4 case-sensitive parameters: -file "C:\path\to\shellcode.bin" -instanceid 1337 -source Persistence -eventlog "Key Management Service". The shellcode is converted to hex and written to the "Key Manageme...

7.4AI score
Exploits0References1
Kitploit
Kitploit
added 2022/06/12 12:30 p.m.25 views

Exfilkit - Data Exfiltration Utility For Testing Detection Capabilities

Data exfiltration utility for testing detection capabilities Description Data exfiltration utility used for testing detection capabilities of security products. Obviously for legal purposes only. Exfiltration How-To /etc/shadow - HTTP GET requests Server ./exfilkit-cli.py -m...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2022/05/13 12:30 p.m.25 views

Process_Overwriting - Yet Another Variant Of Process Hollowing

Process Overwriting is a PE injection technique, closely related to Process Hollowing and Module Overloading Process Hollowing aka RunPE is an old and popular PE injection technique. It comes in has variety of flavors, but there are some steps in common: 1. Start by creating a process in a...

7.6AI score
Exploits0References9
Kitploit
Kitploit
added 2022/05/02 12:30 p.m.25 views

Moonwalk - Cover Your Tracks During Linux Exploitation By Leaving Zero Traces On System Logs And Filesystem Timestamps

Cover your tracks during LinuxExploitation / Penetration Testing by leaving zero traces on system logs and filesystem timestamps. Introduction moonwalk is a 400 KB single-binary executable that can clear your traces while penetration testing a Unix machine. It saves the state of system logs...

7.3AI score
Exploits0References7
Kitploit
Kitploit
added 2022/04/26 9:30 p.m.25 views

VulFi - Plugin To IDA Pro Which Can Be Used To Assist During Bug Hunting In Binaries

The VulFi Vulnerability Finder tool is a plugin to IDA Pro which can be used to assist during bug hunting in binaries. Its main objective is to provide a single view with all cross-references to the most interesting functions such as strcpy, sprintf, system, etc.. For cases where a Hexrays...

6.6AI score
Exploits0References4
Kitploit
Kitploit
added 2022/04/12 9:30 p.m.25 views

Maat - Open-source Symbolic Execution Framework

Maat is an open-source Dynamic Symbolic Execution and Binary Analysis framework. It provides various functionalities such as symbolic execution, taint analysis, constraint solving, binary loading, environment simulation, and leverages Ghidra's sleigh library for assembly lifting: https://maat.re...

7.5AI score
Exploits0References4
Kitploit
Kitploit
added 2022/04/05 12:30 p.m.25 views

DarthSidious - Building An Active Directory Domain And Hacking It

The goal is simple To share my modest knowledge about hacking Windows systems. This is commonly refered to as red team exercises. This book however, is also very concerned with the blue team; the defenders. That is, helping those who are working as defenders, analysts and security experts to buil...

7.3AI score
Exploits0References6
Kitploit
Kitploit
added 2022/03/04 8:30 p.m.25 views

HaccTheHub - Open Source Self-Hosted Cyber Security Learning Platform

Open source self-hosted cyber security learning platform About The Project HaccTheHub is an open source project that provides cyber security The HaccTheHub system consists of 3 main parts: Docker: containing all of the boxes creating the environment in which we'll be learning on. The backend:...

7.2AI score
Exploits0References6
Kitploit
Kitploit
added 2022/02/18 11:30 a.m.25 views

Boko - Application Hijack Scanner For macOS

boko.py is an application scanner for macOS that searches for and identifies potential dylib hijacking and weak dylib vulnerabilities for application executables, as well as scripts an application may use that have the potential to be backdoored. The tool also calls out interesting files and list...

7.3AI score
Exploits0References3
Kitploit
Kitploit
added 2022/02/13 8:30 p.m.25 views

Exrop - Automatic ROP Chain Generation

Exrop is automatic ROP chains generator tool which can build gadget chain automatically from given binary and constraints Requirements : Triton, ROPGadget Only support for x86-64 for now! Features: handling non-return gadgets jmp reg, call reg set registers rdi=0xxxxxx, rsi=0xxxxxx set register t...

7.2AI score
Exploits0References4
Kitploit
Kitploit
added 2022/02/10 11:30 a.m.25 views

LDAP-Password-Hunter - Password Hunter In The LDAP Infamous Database

It happens that due to legacy services requirements or just bad security practices password are world-readable in the LDAP database by any user who is able to authenticate. LDAP Password Hunter is a tool which wraps features of getTGT.py Impacket and ldapsearch in order to look up for password...

8AI score
Exploits0References3
Kitploit
Kitploit
added 2022/01/30 11:30 a.m.25 views

CRT - CrowdStrike Reporting Tool for Azure

This tool queries the following configurations in the Azure AD/O365 tenant which can shed light on hard-to-find permissions and configuration settings in order to assist organizations in securing these environments. Exchange Online O365: Federation Configuration Federation Trust Client Access...

7.5AI score
Exploits0References1
Kitploit
Kitploit
added 2022/01/03 11:30 a.m.25 views

Msmailprobe - Office 365 And Exchange Enumeration

Office 365 and Exchange Enumeration It is widely known that OWA Outlook Webapp is vulnerable to time-based user enumeration attacks. This tool leverages all known, and even some lesser-known services exposed by default Exchange installations to enumerate users. It also targets Office 365 for...

7.1AI score
Exploits0References6
Kitploit
Kitploit
added 2021/12/25 11:30 a.m.25 views

Spamscanner - Spam Scanner Is The Best Anti-Spam, Email Filtering, And Phishing Prevention Service

Spam Scanner is the best anti-spam, email filtering, and phishing prevention service. Spam Scanner is a drop-in replacement and the best alternative to SpamAssassin, rspamd, SpamTitan, and more. Foreword Spam Scanner is a tool and service built by @niftylettuce after hitting countless roadblocks...

6.8AI score
Exploits0References23
Kitploit
Kitploit
added 2021/12/20 8:30 p.m.25 views

Mariana Trench - Security Focused Static Analysis Tool For Android And Java Applications

Mariana Trench is a security focused static analysis platform targeting Android. This guide will walk you through setting up Mariana Trench on your machine and get you to find your first remote code execution vulnerability in a small sample app. These instructions are also available at our websit...

7.8AI score
Exploits0References5
Kitploit
Kitploit
added 2021/10/21 8:30 p.m.25 views

PEASS-ng - Privilege Escalation Awesome Scripts SUITE new generation

Basic Tutorial Here you will find privilege escalation tools for Windows and Linux/Unix and MacOS. These tools search for possible local privilege escalation paths that you could exploit and print them to you with nice colors so you can recognize the misconfigurations easily. Check the LocalWindo...

7.5AI score
Exploits0References4
Total number of security vulnerabilities5000