/>
February 23, 2022Snaffler - A Tool For Pentesters To Help Find Delicious Candy

Snaffler is a tool for pentesters to help find delicious candy needles (creds mostly, but it's flexible) in a bunch of horrible boring haystacks (a massive Windows/AD environment)....

by KitPloit in Snaffler, Wordlist
February 23, 2022Njsscan - A Semantic Aware SAST Tool That Can Find Insecure Code Patterns In Your Node.js Applications

njsscan is a static application testing (SAST) tool that can find insecure code patterns in your node.js applications using simple pattern matcher from libsast and syntax-aware semantic code...

by KitPloit in Appsec, Codereview, Codescanner, Njsscan, Nodesecurity, Static Analyzer, Staticanalysis
February 23, 2022Boko - Application Hijack Scanner For macOS

boko.py is an application scanner for macOS that searches for and identifies potential dylib hijacking and weak dylib vulnerabilities for application executables, as well as scripts an...

by KitPloit in Boko, vulnerabilities, Vulnerability
February 23, 2022SharpCookieMonster - Extracts Cookies From Chrome

This is a Sharp port of @defaultnamehere's cookie-crimes module - full credit for their awesome work! This C# project will dump cookies for all sites, even those...

by KitPloit in Chrome, Cookies, Debugger, SharpCookieMonster, Websockets
February 23, 2022Talisman - By Hooking Into The Pre-Push Hook Provided By Git, Talisman Validates The Outgoing Changeset For Things That Look Suspicious

A tool to detect and prevent secrets from getting checked in What is Talisman? Talisman is a tool that installs a hook to your repository to...

by KitPloit in Husky, Potential Secrets, Talisman
February 23, 2022HybridTestFramework - End To End Testing Of Web, API And Security

Full-fledged WEB, API and Security testing framework using selenium,ZAP OWASP proxy and rest-assured Supported Platforms This framework supports WebUi automation across a variety of...

by KitPloit in Allure Report, Cross Browser, Doker Compose, HybridTestFramework, Java11, Localstack, Security Vulnerability, Selenium Grid, Selenium Tests, Selenium Webdriver, Testcontainers, Webautomation
February 23, 2022SSRFire - An Automated SSRF Finder. Just Give The Domain Name And Your Server And Chill! Also Has Options To Find XSS And Open Redirects

An automated SSRF finder. Just give the domain name and your server and chill! ;) It also has options to find XSS and open redirects. Syntax...

by KitPloit in SSRFire, XSS, XSS Detection, XSStrike
February 23, 2022Chain-Reactor - An Open Source Framework For Composing Executables That Simulate Adversary Behaviors And Techniques On Linux Endpoints

Chain Reactor is an open-source tool for testing detection and response coverage on Linux machines. The tool generates executables that simulate sequences of actions like process...

by KitPloit in Adversary Simulation, Chain-Reactor, Mitre Attack
February 23, 2022Voltron - A Hacky Debugger UI For Hackers

Voltron is an extensible debugger UI toolkit written in Python. It aims to improve the user experience of various debuggers (LLDB, GDB, VDB and WinDbg) by enabling the...

by KitPloit in Lldb, Toolkit, Voltron, Vtrace, WinDbg, Windows
February 23, 2022Jatayu - Stealthy Stand Alone PHP Web Shell

JATAYU Stealthy Stand Alone PHP Web Shell FEATURES Http Header Based Authentication. ...

by KitPloit in Jatayu, PHP
Archives
Categories
Tags
Bugbounty Cybersecurity Devsecops Dfir Distribution golang Information Gathering Infosec Kali Kali Linux Kerberos Linux Malware Analysis Malware Detection Microsoft mimikatz msfvenom NTLM OSINT Payload Penetration Testing Pentest Tool Pentesting Post Exploitation PowerShell Privilege Escalation Processes Python Python3 Recon Reconnaissance Red Team Red Teaming Redteam Redteam Tools Remote Research Reverse Engineering Scan Scanner Scanning Scripts Security Security Tools Shellcode SMB Spoofing SSH Static Analysis Subdomain Syscalls Testing Threat Hunting Threat Intelligence Toolkit Traffic Username vulnerabilities Vulnerability Vulnerability Scanners Vulnerable Win32 Windows Windows 10 Wireshark Wordlist XSS Yara Blueteam Subdomains Windows Defender Wrapper Redteaming Techniques