June 17, 2022OSIPs - Gathers All Valid IP Addresses From All Text Files From A Directory, And Checks Them Against Whois Database, TOR Relays And Location

This script scans every file from a given folder recursively, extracts every IPv4 and IPv6 address, filters out the public IP addresses and then queries these IPs against...

by KitPloit in OSIPs, Python, Python Script, TOR, Whois
June 17, 2022LambdaGuard - AWS Serverless Security

  AWS Lambda is an event-driven, serverless computing platform provided by Amazon Web Services. It is a computing service that runs code in response to events and...

by KitPloit in Aws Lambda, Dynamodb, LambdaGuard, Serverless Security
June 16, 2022Frostbyte - FrostByte Is A POC Project That Combines Different Defense Evasion Techniques To Build Better Redteam Payloads

FrostByte Progolue: In the past few days I've been experimenting with the AppDomain manager injection technique had a decent success with it in my previous Red Team engagements...

by KitPloit in Frostbyte, Redteam Tools, Remote DLL, SigFlip
June 16, 2022Admin-Panel_Finder - A Burp Suite Extension That Enumerates Infrastructure And Application Admin Interfaces (OTG-CONFIG-005)

A burp suite extension that enumerates infrastructure and application Admin Interfaces. OWASP References: Classification: Web Application Security Testing > 02-Configuration and Deployment Management...

by KitPloit in Admin Dashboard Finder, Admin Login Scanner, Admin-Panel_Finder, Burpsuite Extender, Data Leakage, Find Admin, Sensitive Data Leakage
June 14, 2022Gshell - A Flexible And Scalable Cross-Plaform Shell Generator Tool

A simple yet flexible cross-platform shell generator tool. Name: G(Great) Shell Description: A cross-platform shell generator tool that lets you generate whichever shell you want, in...

by KitPloit in Bypass, Console Application, Cross Platform, Evasion, Gshell, Markdown Parser
June 14, 2022Goreplay - Open-Source Tool For Capturing And Replaying Live HTTP Traffic Into A Test Environment In Order To Continuously Test Your System With Real Data

GoReplay is an open-source network monitoring tool which can record your live traffic and use it for shadowing, load testing, monitoring and detailed analysis. About As...

by KitPloit in Binary, Cloud, Devops, Goreplay, Testing Tools
June 13, 2022SharpEventPersist - Persistence By Writing/Reading Shellcode From Event Log

Persistence by writing/reading shellcode from Event Log. Usage The SharpEventPersist tool takes 4 case-sensitive parameters: -file "C:\path\to\shellcode.bin" -instanceid 1337 -source Persistence...

by KitPloit in DLL, SharpEventPersist, Shellcode
June 13, 2022confluencePot - Simple Honeypot For Atlassian Confluence (CVE-2022-26134)

ConfluencePot is a simple honeypot for the Atlassian Confluence unauthenticated and remote OGNL injection vulnerability (CVE-2022-26134). About the vulnerability You can find the official...

by KitPloit in confluencePot, Cve 2022 26134, Defense, golang, Vulnerability
June 12, 2022DOMDig - DOM XSS Scanner For Single Page Applications

DOMDig is a DOM XSS scanner that runs inside the Chromium web browser and it can scan single page applications (SPA) recursively. Unlike other scanners, DOMDig can...

by KitPloit in DOMDig, Websockets, XSS, XSS scanner
June 12, 2022Exfilkit - Data Exfiltration Utility For Testing Detection Capabilities

Data exfiltration utility for testing detection capabilities Description Data exfiltration utility used for testing detection capabilities of security products. Obviously for legal...

by KitPloit in Data Exfiltration, Exfilkit, Red Team, Security Tools
Archives
Categories
Tags
Bugbounty Cybersecurity Devsecops Dfir Distribution golang Information Gathering Infosec Kali Kali Linux Kerberos Linux Malware Analysis Malware Detection Microsoft mimikatz msfvenom NTLM OSINT Payload Penetration Testing Pentest Tool Pentesting Post Exploitation PowerShell Privilege Escalation Processes Python Python3 Recon Reconnaissance Red Team Red Teaming Redteam Redteam Tools Remote Research Reverse Engineering Scan Scanner Scanning Scripts Security Security Tools Shellcode SMB Spoofing SSH Static Analysis Subdomain Syscalls Testing Threat Hunting Threat Intelligence Toolkit Traffic Username vulnerabilities Vulnerability Vulnerability Scanners Vulnerable Win32 Windows Windows 10 Wireshark Wordlist XSS Yara Blueteam Subdomains Windows Defender Wrapper Redteaming Techniques