June 22, 2022MalSCCM - Tool To Abuse Local Or Remote SCCM Servers To Deploy Malicious Applications

This tool allows you to abuse local or remote SCCM servers to deploy malicious applications to hosts they manage. To use this tool your current process must have...

by KitPloit in MalSCCM, SCCM
June 22, 2022GooFuzz - Tool To Perform Fuzzing With An OSINT Approach, Managing To Enumerate Directories, Files, Subdomains Or Parameters Without Leaving Evidence On The Target's Server With Google Dorking

CreditsAuthor: M3n0sD0n4ldTwitter: @David_UtonDescription:GooFuzz is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories without making requests to the web...

by KitPloit in Bash Script, Bugbounty, GooFuzz, Google Dorks, Information Disclosure, Reconnaissance, Red Team
June 21, 2022Naabu - A Fast Port Scanner Written In Go With A Focus On Reliability And Simplicity

Naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really...

by KitPloit in Cdn Exclusion, Naabu, Portscanner
June 21, 2022Msprobe - Finding All Things On-Prem Microsoft For Password Spraying And Enumeration

Finding all things on-prem Microsoft for password spraying and enumeration. The tool will used a list of common subdomains associated with your target apex domain to attempt...

by KitPloit in Msprobe, NTLM, RDWeb, Spraying
June 20, 2022SharpSniper - Find Specific Users In Active Directory Via Their Username And Logon IP Address

Often a Red Team engagement is more than just achieving Domain Admin. Some clients will want to see if specific users in the domain can be compromised, for...

by KitPloit in mimikatz, Red Team, Red Team Engagement, SharpSniper, Username
June 20, 2022Xss_Vulnerability_Challenges - This Repository Is A Docker Containing Some "XSS Vulnerability" Challenges And Bypass Examples

This repository is a Dockerized php application containing some XSS vulnerability challenges. The ideas behind challenges are: Javascript validation bypass html entities bypass...

by KitPloit in Appsecurity, Cross Site Scripting, OWASP Top 10, Owasp Top Ten, XSS Filter, Xss_Vulnerability_Challenges
June 19, 2022VAmPI - Vulnerable REST API With OWASP Top 10 Vulnerabilities For Security Testing

The Vulnerable API (Based on OpenAPI 3)  VAmPI is a vulnerable API made with Flask and it includes vulnerabilities from the OWASP top 10 vulnerabilities for APIs....

by KitPloit in Api Rest, Swagger, VAmPI, Vulnerable Web App
June 19, 2022Cervantes - Collaborative Platform For Pentesters Or Red Teams Who Want To Save Time To Manage Their Projects, Clients, Vulnerabilities And Reports In One Place

Cervantes is an opensource collaborative platform for pentesters or red teams who want to save time to manage their projects, clients, vulnerabilities and reports in one...

by KitPloit in Burpsuite, Cervantes, Collaboration Platform, Red Team, Red Teaming, Vulnerability Management
June 18, 2022Hunt-Sleeping-Beacons - Aims To Identify Sleeping Beacons

The idea of this project is to identify beacons which are unpacked at runtime or running in the context of another process. To do so, I make...

by KitPloit in Hooking, Hunt-Sleeping-Beacons, Processes
June 18, 2022Nightingale - Docker Environment For Pentesting Which Having All The Required Tool For VAPT

In today's technological era, docker is the most powerful technology in each and every domain, whether it is Development, cyber security, DevOps, Automation, or Infrastructure. ...

by KitPloit in Bugbounty, Nightingale, Platform Independent, vulnerabilities, WPScan
Archives
Categories
Tags
Bugbounty Cybersecurity Devsecops Dfir Distribution golang Information Gathering Infosec Kali Kali Linux Kerberos Linux Malware Analysis Malware Detection Microsoft mimikatz msfvenom NTLM OSINT Payload Penetration Testing Pentest Tool Pentesting Post Exploitation PowerShell Privilege Escalation Processes Python Python3 Recon Reconnaissance Red Team Red Teaming Redteam Redteam Tools Remote Research Reverse Engineering Scan Scanner Scanning Scripts Security Security Tools Shellcode SMB Spoofing SSH Static Analysis Subdomain Syscalls Testing Threat Hunting Threat Intelligence Toolkit Traffic Username vulnerabilities Vulnerability Vulnerability Scanners Vulnerable Win32 Windows Windows 10 Wireshark Wordlist XSS Yara Blueteam Subdomains Windows Defender Wrapper Redteaming Techniques