November 18, 2022Slicer - Tool To Automate The Boring Process Of APK Recon

A tool to automate the recon process on an APK file. Slicer accepts a path to an extracted APK file and then returns all the activities, receivers,...

by KitPloit in Apktool, Bugbounty, dirsearch, Hacktoberfest, Slicer
November 17, 2022nuvola - Tool To Dump And Perform Automatic And Manual Security Analysis On Aws Environments Configurations And Services

nuvola (with the lowercase n) is a tool to dump and perform automatic and manual security analysis on AWS environments configurations and services using predefined, extensible and custom...

by KitPloit in Cloudsecurity, Devops, Devsecops, golang, Graph Theory, Misconfigurations, Neo4J, Nuvola, Redteaming
November 16, 2022TripleCross - A Linux eBPF Rootkit With A Backdoor, C2, Library Injection, Execution Hijacking, Persistence And Stealth Capabilities.

TripleCross is a Linux eBPF rootkit that demonstrates the offensive capabilities of the eBPF technology. DutGdHHpRHDqGgFc TripleCross is inspired by previous implant designs in this area, notably the works of...

by KitPloit in eBPF, Libbpf, Security, TripleCross, UserLAnd, Vault, Xdp
November 15, 2022Dismember - Scan Memory For Secrets And More

Dismember is a command-line toolkit for Linux that can be used to scan the memory of all processes (or particular ones) for common secrets and custom regular expressions,...

by KitPloit in CTF, Dismember, Proc, Secret Scanner
November 14, 2022Unblob - Extract Files From Any Kind Of Container Formats

unblob is an accurate, fast, and easy-to-use extraction suite. It parses unknown binary blobs for more than 30 different archive, compression, and file-system formats, extracts their...

by KitPloit in Compression, Reverse Engineering, Unblob
November 13, 2022SCMKit - Source Code Management Attack Toolkit

Source Code Management Attack Toolkit - SCMKit is a toolkit that can be used to attack SCM systems. SCMKit allows the user to specify the SCM system and...

by KitPloit in SCMKit, Toolkit, Up-to-date, Username, Visibility, Yara
November 12, 2022autoSSRF - Smart Context-Based SSRF Vulnerabiltiy Scanner

autoSSRF is your best ally for identifying SSRF vulnerabilities at scale. Different from other ssrf automation tools, this one comes with the two following original features : ...

by KitPloit in autoSSRF, Bugbounty, Fuzzing, Python3, Spraying, SSRF, vulnerabilities
November 11, 2022TeamFiltration - Cross-Platform Framework For Enumerating, Spraying, Exfiltrating, And Backdooring O365 AAD Accounts

TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts. See the TeamFiltration wiki page for an introduction into how TeamFiltration works and the Quick Start...

by KitPloit in OverRide, REST API, Spraying, SSO, TeamFiltration, Teams, Username, Usernames, Windows
November 10, 2022NGWAF - First Iteration Of ML Based Feedback WAF

The Motivation | What is the N3XT ST3P? With the explosive growth of web applications since the early 2000s, web-based attacks have progressively become more rampant. One common solution...

by KitPloit in Cybersecurity, NGWAF, Novel, WAF
November 9, 2022RDPHijack-BOF - Cobalt Strike Beacon Object File (BOF) That Uses WinStationConnect API To Perform Local/Remote RDP Session Hijacking

Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking. With a valid access token / kerberos ticket (e.g., golden ticket) of...

by KitPloit in Access Token, Beacon, Cobalt Strike, Kerberos, RDPHijack-BOF
Archives
Categories
Tags
Bugbounty Cybersecurity Devsecops Dfir Distribution golang Information Gathering Infosec Kali Kali Linux Kerberos Linux Malware Analysis Malware Detection Microsoft mimikatz msfvenom NTLM OSINT Payload Penetration Testing Pentest Tool Pentesting Post Exploitation PowerShell Privilege Escalation Processes Python Python3 Recon Reconnaissance Red Team Red Teaming Redteam Redteam Tools Remote Research Reverse Engineering Scan Scanner Scanning Scripts Security Security Tools Shellcode SMB Spoofing SSH Static Analysis Subdomain Syscalls Testing Threat Hunting Threat Intelligence Toolkit Traffic Username vulnerabilities Vulnerability Vulnerability Scanners Vulnerable Win32 Windows Windows 10 Wireshark Wordlist XSS Yara Blueteam Subdomains Windows Defender Wrapper Redteaming Techniques