September 19, 2024Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests

Mass Assigner is a powerful tool designed to identify and exploit mass assignment vulnerabilities in web applications. It achieves this by first retrieving data from a specified request, such...

by KitPloit in Mass-Assigner, Parameter, Python3, vulnerabilities
September 18, 2024Imperius - Make An Linux Kernel Rootkit Visible Again

A make an LKM rootkit visible again. This tool is part of research on LKM rootkits that will be launched. It involves getting the memory address...

by KitPloit in Imperius, Lkm, Rootkit, Scan
September 17, 2024BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook

Evade EDR's the simple way, by not touching any of the API's they hook. Theory I've noticed that most EDRs fail to scan scripting files, treating...

by KitPloit in BYOSI, Edr Bypass, Edr Evasion, PowerShell, Redteam, Restrictions, Scan, Scripting, Windows
September 16, 2024Psobf - PowerShell Obfuscator

Tool for obfuscating PowerShell scripts written in Go. The main objective of this program is to obfuscate PowerShell code to make its analysis and detection more difficult. The script...

by KitPloit in Obfuscation, Obfuscator, PowerShell, Psobf, Research, Scripts
September 15, 2024ModTracer - ModTracer Finds Hidden Linux Kernel Rootkits And Then Make Visible Again

ModTracer Finds Hidden Linux Kernel Rootkits and then make visible again.Another way to make an LKM visible is using the imperius trick: https://github.com/MatheuZSecurity/ImperiusDownload ModTracer

by KitPloit in Forensics, Hidden, Kernel, Linux, Lkm, ModTracer, Rootkit
September 14, 2024DockerSpy - DockerSpy Searches For Images On Docker Hub And Extracts Sensitive Information Such As Authentication Secrets, Private Keys, And More

DockerSpy searches for images on Docker Hub and extracts sensitive information such as authentication secrets, private keys, and more. What is Docker? Docker is an open-source platform that...

by KitPloit in DockerSpy, OSINT, Regex, Repositories, Research, Secrets, Uncover, vulnerabilities, Vulnerability
June 26, 2024Ashok - A OSINT Recon Tool, A.K.A Swiss Army Knife

Reconnaissance is the first phase of penetration testing which means gathering information before any real attacks are planned So Ashok is an Incredible fast recon tool for penetration tester...

by KitPloit in Ashok, Banner Grabbing, Cmsdetecter, Githubrecon, Linkextractor, Nmap Scanning, Recon Tools, Subdomain Finder
June 25, 2024CloudBrute - Awesome Cloud Enumerator

A tool to find a company (target) infrastructure, files, and apps on the top cloud providers (Amazon, Google, Microsoft, DigitalOcean, Alibaba, Vultr, Linode). The outcome is useful for...

by KitPloit in Bugbounty, Cloud Security, CloudBrute, Infosec, Pentest Tool, Pentesting, Redteam, Vultr
June 24, 2024Hfinger - Fingerprinting HTTP Requests

Tool for Fingerprinting HTTP requests of malware. Based on Tshark and written in Python3. Working prototype stage :-) Its main objective is to provide unique representations (fingerprints) of malware...

by KitPloit in Hfinger, Network Analysis, Pcap, Python, Reporting, Sandbox, Tshark
June 23, 2024VulnNodeApp - A Vulnerable Node.Js Application

A vulnerable application made using node.js, express server and ejs template engine. This application is meant for educational purposes only. Setup Clone this repository git...

by KitPloit in Scripting, vulnerabilities, Vulnerability, Vulnerable, VulnNodeApp
Archives
Categories
Tags
Bugbounty Cybersecurity Devsecops Dfir Distribution golang Information Gathering Infosec Kali Kali Linux Kerberos Linux Malware Analysis Malware Detection Microsoft mimikatz msfvenom NTLM OSINT Payload Penetration Testing Pentest Tool Pentesting Post Exploitation PowerShell Privilege Escalation Processes Python Python3 Recon Reconnaissance Red Team Red Teaming Redteam Redteam Tools Remote Research Reverse Engineering Scan Scanner Scanning Scripts Security Security Tools Shellcode SMB Spoofing SSH Static Analysis Subdomain Syscalls Testing Threat Hunting Threat Intelligence Toolkit Traffic Username vulnerabilities Vulnerability Vulnerability Scanners Vulnerable Win32 Windows Windows 10 Wireshark Wordlist XSS Yara Blueteam Subdomains Windows Defender Wrapper Redteaming Techniques