JA4+ is a suite of network Fingerprinting methods that are easy to use and easy to share. These methods are both human and machine readable to facilitate more effective threat-hunting...

by KitPloit in Cybersecurity, golang, Ja3, Ja3 Fingerprint, Ja4, Ja4 Fingerprint, Ja4H, Ja4X, nDPI, Network Analysis, Network Forensics

A collection of fully-undetectable process injection techniques abusing Windows Thread Pools. Presented at Black Hat EU 2023 Briefings under the title - injection-techniques-using-windows-thread-pools-35446">The Pool Party You Will Never...

by KitPloit in PoolParty, Windows

Package go-secdump is a tool built to remotely extract hashes from the SAM registry hive as well as LSA secrets and cached hashes from the SECURITY hive...

by KitPloit in Go-Secdump, Secrets, SMB, Socks, Socks5, Windows

Invisible protocol sniffer for finding vulnerabilities in the network. Designed for pentesters and security engineers. Above: Invisible network protocol snifferDesigned for pentesters and security engineersAuthor: Magama Bazarov, <[email protected]>Pseudonym: CasterVersion:...

by KitPloit in Above, Kali Linux, Network Analysis, Network Discovery, Network Security, Packet Analyzer, Packet Capture, Pcap Parser, Security Tools

V'ger is an interactive command-line application for post-exploitation of authenticated Jupyter instances with a focus on AI/ML security operations. User Stories As a Red Teamer, you've...

by KitPloit in Aisecurity, Jupyter, Mlsecops, Offsec, Poisoning, Post Exploitation, Vger

Perform malware scan analysis of on-prem servers using AWS services Challenges with on-premises malware detection It can be difficult for security teams to continuously monitor all on-premises servers due to...

by KitPloit in Aws Guardduty, Disaster Recovery, Drs-Malware-Scan, Ransomware Prevention

First, a couple of useful oneliners ;) wget "https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh" -O lse.sh;chmod 700 lse.sh curl "https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh" -Lo lse.sh;chmod 700 lse.sh Note that since version 2.10 you can serve the script to...

by KitPloit in Ctfs, Hackthebox, Linux Enumeration, Linux-Smart-Enumeration, Oscp, Pentesting, Privilege Escalation

An open-source, prototype implementation of property graphs for JavaScript based on the esprima parser, and the EsTree SpiderMonkey Spec. JAW can be used for analyzing the client-side of...

by KitPloit in Client Side, JAW, Property Graph, Static Analysis, Vulnerability, Vulnerability Detection, Web Crawling

Tags: Aspx, Encryption, Entropy, Hashes, Malware, Obfuscation, PowerShell, Processes, Scan, Scanning, Scripts, Toolbox, ShellSweepShellSweep - ShellSweeping the evil.Shellsweep - Shellsweeping The Evil.ShellSweep - ShellSweeping The Evil. ShellSweep ShellSweeping the evil...

by KitPloit in

Retrieve and display information about active user sessions on remote computers. No admin privileges required. The tool leverages the remote registry service to query the HKEY_USERS registry...

by KitPloit in Credentials, Invoke-SessionHunter, Localhost, Registry, Scan