September 23, 2023HTMLSmuggler - HTML Smuggling Generator And Obfuscator For Your Red Team Operations

The full explanation what is HTML Smuggling may be found here. The primary objective of HTML smuggling is to bypass network security controls, such as firewalls and...

by KitPloit in HTMLSmuggler, Htmlsmuggling, Opsec, Redteam, Smuggling
September 22, 2023Dynmx - Signature-based Detection Of Malware Features Based On Windows API Call Sequences

dynmx (spoken dynamics) is a signature-based detection approach for behavioural malware features based on Windows API call sequences. In a simplified way, you can think of dynmx as...

by KitPloit in Dynmx, Windows, Windows API, Yara
September 21, 2023Sekiryu - Comprehensive Toolkit For Ghidra Headless

This Ghidra Toolkit is a comprehensive suite of tools designed to streamline and automate various tasks associated with running Ghidra in Headless mode. This toolkit provides a wide...

by KitPloit in Binary Exploitation, Ghidra Decompiler, Ghidra Extension, Reverse Engineering, Sekiryu
September 20, 2023Callisto - An Intelligent Binary Vulnerability Analysis Tool

Callisto is an intelligent automated binary vulnerability analysis tool. Its purpose is to autonomously decompile a provided binary and iterate through the psuedo code output looking for potential...

by KitPloit in Callisto, vulnerabilities, Vulnerability, Vulnerability Analysis, Vulnerable
September 19, 2023SMShell - Send Commands And Receive Responses Over SMS From Mobile Broadband Capable Computers

PoC for an SMS-based shell. Send commands and receive responses over SMS from mobile broadband capable computers. This tool came as an insipiration during a research on...

by KitPloit in Python, Research, SMShell, Windows
September 18, 2023Surf - Escalate Your SSRF Vulnerabilities On Modern Cloud Environments

surf allows you to filter a list of hosts, returning a list of viable SSRF candidates. It does this by sending a HTTP request from your machine to...

by KitPloit in http(s), SSRF, Subdomains, Surf, vulnerabilities, Vulnerability
September 17, 2023Promptmap - Automatically Tests Prompt Injection Attacks On ChatGPT Instances

Prompt injection is a type of security vulnerability that can be exploited to control the behavior of a ChatGPT instance. By injecting malicious prompts into the...

by KitPloit in Prompt Engineering, Prompt Injection, Promptmap
September 16, 2023ADCSKiller - An ADCS Exploitation Automation Tool Weaponizing Certipy And Coercer

ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities. It leverages features of Certipy and Coercer to...

by KitPloit in ADCSKiller, Exploiting, Listener, Python3, Research
September 15, 2023Z9 - PowerShell Script Analyzer

Abstract This tools detects the artifact of the PowerShell based malware from the eventlog of PowerShell logging. Online Demo Install git clone https://github.com/Sh1n0g1/z9 ...

by KitPloit in PowerShell, Registry, Script, Static Analysis, Z9
September 14, 2023NucleiFuzzer - Powerful Automation Tool For Detecting XSS, SQLi, SSRF, Open-Redirect, Etc.. Vulnerabilities In Web Applications

NucleiFuzzer is an automation tool that combines ParamSpider and Nuclei to enhance web application security testing. It uses ParamSpider to identify potential entry points and Nuclei's templates to...

by KitPloit in Fuzzing Templates, Nuclei Templates, NucleiFuzzer, vulnerabilities
Archives
Categories
Tags
Bugbounty Cybersecurity Devsecops Dfir Distribution golang Information Gathering Infosec Kali Kali Linux Kerberos Linux Malware Analysis Malware Detection Microsoft mimikatz msfvenom NTLM OSINT Payload Penetration Testing Pentest Tool Pentesting Post Exploitation PowerShell Privilege Escalation Processes Python Python3 Recon Reconnaissance Red Team Red Teaming Redteam Redteam Tools Remote Research Reverse Engineering Scan Scanner Scanning Scripts Security Security Tools Shellcode SMB Spoofing SSH Static Analysis Subdomain Syscalls Testing Threat Hunting Threat Intelligence Toolkit Traffic Username vulnerabilities Vulnerability Vulnerability Scanners Vulnerable Win32 Windows Windows 10 Wireshark Wordlist XSS Yara Blueteam Subdomains Windows Defender Wrapper Redteaming Techniques