May 9, 2023Domain-Protect - OWASP Domain Protect - Prevent Subdomain Takeover

OWASP Global AppSec Dublin - talk and demo Features scan Amazon Route53 across an AWS Organization for domain records vulnerable to takeover...

by KitPloit in Bugbounty, Domain-Protect, Security Tools, Terraform
May 8, 2023Nimbo-C2 - Yet Another (Simple And Lightweight) C2 Framework

About Nimbo-C2 is yet another (simple and lightweight) C2 framework. Nimbo-C2 agent supports x64 Windows & Linux. It's written in Nim, with some usage...

by KitPloit in C2 Framework, Command And Control, Nimbo-C2, Pentesting Tools, Red Team Tools
May 7, 2023NTLMRecon - A Tool For Performing Light Brute-Forcing Of HTTP Servers To Identify Commonly Accessible NTLM Authentication Endpoints

NTLMRecon is a Golang version of the original NTLMRecon utility written by Sachin Kamath (AKA pwnfoo). NTLMRecon can be leveraged to perform brute forcing against a targeted webserver...

by KitPloit in golang, NTLMRecon, Redteam, Webserver
May 6, 2023Fuzztruction - Prototype Of A Fuzzer That Does Not Directly Mutate Inputs (As Most Fuzzers Do) But Instead Uses A So-Called Generator Application To Produce An Input For Our Fuzzing Target

Fuzztruction is an academic prototype of a fuzzer that does not directly mutate inputs (as most fuzzers do) but instead uses a so-called generator application to produce an...

by KitPloit in Fuzztruction, Program Analysis, Scripts, Shells, Testing, Wrapper
May 5, 2023Spartacus - DLL Hijacking Discovery Tool

Why "Spartacus"? If you have seen the film Spartacus from 1960, you will remember the scene where the Romans are asking for Spartacus to give himself up....

by KitPloit in Accenture Security, Procmon, Proxy Dlls, Spartacus, Windows
May 4, 2023Teler-Waf - A Go HTTP Middleware That Provides Teler IDS Functionality To Protect Against Web-Based Attacks And Improve The Security Of Go-based Web Applications

teler-waf is a comprehensive security solution for Go-based web applications. It acts as an HTTP middleware, providing an easy-to-use interface for integrating IDS functionality with teler IDS into...

by KitPloit in Go Library, Go Package, Security Tools, Teler Ids, Teler Waf, Teler Waf
May 3, 2023Metlo - An Open-Source API Security Platform

Secure Your API. Metlo is an open-source API security platform With Metlo you can: Create...

by KitPloit in Api Pentest, Api Security, Bugbounty Tools, Infosectools, Metlo, Vulnerability Detection
May 2, 2023hardCIDR - Linux Bash Script To Discover The Netblocks, Or Ranges, Owned By The Target Organization

A Linux Bash script to discover the netblocks, or ranges, (in CIDR notation) owned by the target organization during the intelligence gathering phase of a penetration...

by KitPloit in Gathering Information, hardCIDR, Intelligence Gathering, Linux
May 1, 2023REcollapse Is A Helper Tool For Black-Box Regex Fuzzing To Bypass Validations And Discover Normalizations In Web Applications

REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications. It can also be helpful to bypass WAFs and...

by KitPloit in Hacking Tools, Normalization, REcollapse, WAF Bypass
April 30, 2023Sh4D0Wup - Signing-key Abuse And Update Exploitation Framework

Signing-key abuse and update exploitation framework. % docker run -it --rm ghcr.io/kpcyrd/sh4d0wup:edge -hUsage: sh4d0wup [OPTIONS] <COMMAND>Commands: bait Start a malicious...

by KitPloit in Penetration Testing, Redteaming, Sh4D0Wup, Supply Chain Security
Archives
Categories
Tags
Bugbounty Cybersecurity Devsecops Dfir Distribution golang Information Gathering Infosec Kali Kali Linux Kerberos Linux Malware Analysis Malware Detection Microsoft mimikatz msfvenom NTLM OSINT Payload Penetration Testing Pentest Tool Pentesting Post Exploitation PowerShell Privilege Escalation Processes Python Python3 Recon Reconnaissance Red Team Red Teaming Redteam Redteam Tools Remote Research Reverse Engineering Scan Scanner Scanning Scripts Security Security Tools Shellcode SMB Spoofing SSH Static Analysis Subdomain Syscalls Testing Threat Hunting Threat Intelligence Toolkit Traffic Username vulnerabilities Vulnerability Vulnerability Scanners Vulnerable Win32 Windows Windows 10 Wireshark Wordlist XSS Yara Blueteam Subdomains Windows Defender Wrapper Redteaming Techniques