May 15, 2024Hakuin - A Blazing Fast Blind SQL Injection Optimization And Automation Framework

Hakuin is a Blind SQL Injection (BSQLI) optimization and automation framework written in Python 3. It abstracts away the inference logic and allows users to easily...

by KitPloit in Hakuin, Injection, Metadata, MSSQL, OverRide, Parameter, Python, Python3, Vulnerable, Wrapper
May 15, 2024Subhunter - A Fast Subdomain Takeover Tool

Subdomain takeover is a common vulnerability that allows an attacker to gain control over a subdomain of a target domain and redirect users intended for an organization's domain...

by KitPloit in Bug Bounty Tools, Bugbounty, Pentesting, Security Tools, Subdomain Takeover, Subhunter, Takeover Subdomain
May 13, 2024BypassFuzzer - Fuzz 401/403/404 Pages For Bypasses

The original 403fuzzer.py :) Fuzz 401/403ing endpoints for bypasses This tool performs various checks via headers, path normalization, verbs, etc. to attempt to bypass ACL's or...

by KitPloit in 403 Bypass, 403 Forbidden, Bugbounty, BypassFuzzer, Fuzzing, Penetration Testing, Python3, SEES, Webhacking
May 12, 2024PingRAT - Secretly Passes C2 Traffic Through Firewalls Using ICMP Payloads

PingRAT secretly passes C2 traffic through firewalls using ICMP payloads. Features: Uses ICMP for Command and Control Undetectable by most AV/EDR solutions ...

by KitPloit in Firewall Bypass, Fud Rat, Hacking Tools, Penetration Testing, PingRAT, Red Team, Remote Administration Trojan
May 11, 2024LOLSpoof - An Interactive Shell To Spoof Some LOLBins Command Line

LOLSpoof is a an interactive shell program that automatically spoof the command line arguments of the spawned process. Just call your incriminate-looking command line LOLBin (e.g. powershell...

by KitPloit in LOLBin, Lolbins, LOLSpoof, Opsec, Post Exploitation, PowerShell, Spoofing, Telemetry
May 10, 2024SQLMC - Check All Urls Of A Domain For SQL Injections

SQLMC (SQL Injection Massive Checker) is a tool designed to scan a domain for SQL injection vulnerabilities. It crawls the given URL up to a specified depth, checks each...

by KitPloit in Pentest Tool, Pentesting, Python3, Sqlinjection, SQLMC
May 9, 2024BadExclusionsNWBO - An Evolution From BadExclusions To Identify Folder Custom Or Undocumented Exclusions On AV/EDR

BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR. How it works? BadExclusionsNWBO copies and runs Hook_Checker.exe in all folders...

by KitPloit in BadExclusionsNWBO, Edr Evasion, Pentesting, Redteam
May 8, 2024NTLM Relay Gat - Powerful Tool Designed To Automate The Exploitation Of NTLM Relays

NTLM Relay Gat is a powerful tool designed to automate the exploitation of NTLM relays using ntlmrelayx.py from the Impacket tool suite. By leveraging the capabilities of ntlmrelayx.py,...

by KitPloit in NTLM Relay Gat, NTLM Relay Gat
May 8, 2024Ioctlance - A Tool That Is Used To Hunt Vulnerabilities In X64 WDM Drivers

Description Presented at CODE BLUE 2023, this project titled Enhanced Vulnerability Hunting in WDM Drivers with Symbolic Execution and Taint Analysis introduces IOCTLance, a tool...

by KitPloit in htop, Ioctlance, vulnerabilities, Vulnerable, Windows
May 6, 2024Gftrace - A Command Line Windows API Tracing Tool For Golang Binaries

A command line Windows API tracing tool for Golang binaries. Note: This tool is a PoC and a work-in-progress prototype so please treat it as such. Feedbacks...

by KitPloit in DeimosC2, Framework, Gftrace, golang, Malware, Noisy, Parameter, Research, Windows
Archives
Categories
Tags
Bugbounty Cybersecurity Devsecops Dfir Distribution golang Information Gathering Infosec Kali Kali Linux Kerberos Linux Malware Analysis Malware Detection Microsoft mimikatz msfvenom NTLM OSINT Payload Penetration Testing Pentest Tool Pentesting Post Exploitation PowerShell Privilege Escalation Processes Python Python3 Recon Reconnaissance Red Team Red Teaming Redteam Redteam Tools Remote Research Reverse Engineering Scan Scanner Scanning Scripts Security Security Tools Shellcode SMB Spoofing SSH Static Analysis Subdomain Syscalls Testing Threat Hunting Threat Intelligence Toolkit Traffic Username vulnerabilities Vulnerability Vulnerability Scanners Vulnerable Win32 Windows Windows 10 Wireshark Wordlist XSS Yara Blueteam Subdomains Windows Defender Wrapper Redteaming Techniques