OSINT Tool On Twitter And Instagram.   Installation   Clone the github repo   $ git clone https://github.com/xadhrit/terra.git   Change Directory $ cd terra   Requirements :   For requirements run following commands:   $ python3 -m pip install -r requirements.txt   Note   For Twitter Credentials :   You need...

by KitPloit in Information Gathering, Instagram Downloader, OSINT, Terra

      A PoC implementation for an advanced in-memory evasion technique that spoofs Thread Call Stack. This technique allows to bypass thread-based memory examination rules and better hide shellcodes while in-process memory.     Intro   This...

by KitPloit in Shellcodes, Spoofer, Spoofing, Stitch, ThreadStackSpoofer

VECTR documentation can be found here: https://docs.vectr.ioVECTR Community Discord Channel: https://discord.gg/2FRd8zf728VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention...

by KitPloit in Tracking, Transparency, VECTR

The purpose of this script is to automate the web enumeration process and search for exploits and vulns.   Added Tools (dependencies are installed during script execution): seclist ffuf namelist dnsrecon subfinder whatweb gospider nuclei searchsploit go-exploitdb   It creates a directory with the...

by KitPloit in Container, Enumeration, Exploits, Git, Process, Scan, Script, Search, Web, Webdiscover

Mediator is an end-to-end encrypted reverse shell in which the operator and the shell connect to a "mediator" server that bridges the connections. This removes the...

by KitPloit in Red Team, End To End Encryption, Incident Response Tooling, Live Response, Red Teaming, Socket Programming

This webapp is a browser and desktop password manager compatible with KeePass databases. It doesn't require any server or additional resources. The app can run either in...

by KitPloit in Electron, JavaScript, Keeweb, WebApp

  Bruteforcing on Hidden parameters to find SSRF vulnerability using GET and POST Methods     NOTE   Lorsrf has been added to scant3r with useful additions (multi http method , multi content-type (json , query...

by KitPloit in Bugbounty, Bruteforce, Lorsrf, Websecurity

Clash A rule-based tunnel in Go.Features Local HTTP/HTTPS/SOCKS server with authentication support VMess, Shadowsocks, Trojan, Snell protocol support for remote connections...

by KitPloit in Clash, Rule Based, Tunnel

Dumping revelant information on compromised targets without AV detection  DPAPI dumping Lots of credentials are protected by DPAPI. We aim at locating those "secured" credentials,...

by KitPloit in DonPAPI, Kerberos, LAPS, LaZagne, Passwords, RDP, Research, Secrets, VNC

HTTPUploadExfil is a (very) simple HTTP server written in Go that's useful for getting files (and other information) off a machine using HTTP. While there are many use-cases,...

by KitPloit in CTF Tools, HTTPUploadExfil, Pentest Tool