January 12, 2023KRIe - Linux Kernel Runtime Integrity With eBPF

KRIe is a research project that aims to detect Linux Kernel exploits with eBPF. KRIe is far from being a bulletproof strategy: from eBPF related limitations to post...

by KitPloit in eBPF, golang, KRIe, Research Project, Runtime, Vulnerable
January 11, 2023PowerHuntShares - Audit Script Designed In Inventory, Analyze, And Report Excessive Privileges Configured On Active Directory Domains

PowerHuntShares is design to automatically inventory, analyze, and report excessive privilege assigned to SMB shares on Active Directory domain joined computers. It is intented to help IAM and other...

by KitPloit in PowerHuntShares, Remote Access, SMB, Subnet, Windows, Windows 10
January 10, 2023TerraLdr - A Payload Loader Designed With Advanced Evasion Features

TerraLdr: A Payload Loader Designed With Advanced Evasion Features Details: no crt functions imported syscall unhooking using KnownDllUnhook ...

by KitPloit in Edrs, Spoofing, TerraLdr, Windows
January 9, 2023YATAS - A Simple Tool To Audit Your AWS Infrastructure For Misconfiguration Or Potential Security Issues With Plugins Integration

Yet Another Testing & Auditing Solution The goal of YATAS is to help you create a secure AWS environment without too much hassle. It won't check for...

by KitPloit in Assessment, Best Practices, Configuration, Devsecops, Hardening, YATAS
January 8, 2023AceLdr - Cobalt Strike UDRL For Memory Scanner Evasion

A position-independent reflective loader for Cobalt Strike. Zero results from Hunt-Sleeping-Beacons, BeaconHunter, BeaconEye, Patriot, Moneta, PE-sieve, or MalMemDetect.  Features Easy to Use Import a single...

by KitPloit in AceLdr, Obfuscation, Scanner, Spoofing
January 7, 2023REST-Attacker - Designed As A Proof-Of-Concept For The Feasibility Of Testing Generic Real-World REST Implementations

REST-Attacker is an automated penetration testing framework for APIs following the REST architecture style. The tool's focus is on streamlining the analysis of generic REST API implementations...

by KitPloit in Python3, REST API, REST-Attacker, Testing Framework, Troubleshooting
January 6, 2023DotDumper - An Automatic Unpacker And Logger For DotNet Framework Targeting Files

An automatic unpacker and logger for DotNet Framework targeting files! This tool has been unveiled at Black Hat USA 2022. The automatic detection and classification of any...

by KitPloit in DotDumper, Stealer, Uncover, Unpacker, Unpacking, Windows, Windows API
January 5, 2023ExchangeFinder - Find Microsoft Exchange Instance For A Given Domain And Identify The Exact Version

ExchangeFinder is a simple and open-source tool that tries to find Micrsoft Exchange instance for a given domain based on the top common DNS names for Microsoft Exchange....

by KitPloit in ExchangeFinder, Microsoft, Python3
January 4, 2023Villain - Windows And Linux Backdoor Generator And Multi-Session Handler That Allows Users To Connect With Sibling Servers And Share Their Backdoor Sessions

Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions,...

by KitPloit in Penetration Testing Tools, Readteaming, Redteam, Redteam Tools, Villain
January 3, 2023PXEThief - Set Of Tooling That Can Extract Passwords From The Operating System Deployment Functionality In Microsoft Endpoint Configuration Manager

PXEThief is a set of tooling that implements attack paths discussed at the DEF CON 30 talk Pulling Passwords out of Configuration Manager (https://forum.defcon.org/node/241925) against the Operating System...

by KitPloit in Privilege Escalation, PXEThief, Python, Registry, Registry Key, Windows
Archives
Categories
Tags
Bugbounty Cybersecurity Devsecops Dfir Distribution golang Information Gathering Infosec Kali Kali Linux Kerberos Linux Malware Analysis Malware Detection Microsoft mimikatz msfvenom NTLM OSINT Payload Penetration Testing Pentest Tool Pentesting Post Exploitation PowerShell Privilege Escalation Processes Python Python3 Recon Reconnaissance Red Team Red Teaming Redteam Redteam Tools Remote Research Reverse Engineering Scan Scanner Scanning Scripts Security Security Tools Shellcode SMB Spoofing SSH Static Analysis Subdomain Syscalls Testing Threat Hunting Threat Intelligence Toolkit Traffic Username vulnerabilities Vulnerability Vulnerability Scanners Vulnerable Win32 Windows Windows 10 Wireshark Wordlist XSS Yara Blueteam Subdomains Windows Defender Wrapper Redteaming Techniques