June 1, 2022Zap-Scripts - Zed Attack Proxy Scripts For Finding CVEs And Secrets

Zed Attack Proxy Scripts for finding CVEs and Secrets. Building This project uses Gradle to build the ZAP add-on, simply run: ./gradlew build in...

by KitPloit in CVE Scanning, OWASP ZAP, Vulnerability Detection, Vulnerability Scanners, Zap Plugin, Zap-Scripts, Zaproxy
June 1, 2022PowerGram - Multiplatform Telegram Bot In Pure PowerShell

PowerGram is a pure PowerShell Telegram Bot that can be run on Windows, Linux or Mac OS. To make use of it, you only need PowerShell 4 or...

by KitPloit in Linux, Mac, Powergram, PowerShell, Telegram, Telegram Bot, Twitter
May 31, 2022Wrongsecrets - Examples With How To Not Use Secrets

Welcome to the OWASP WrongSecrets p0wnable app. With this app, we have packed various ways of how to not store your secrets. These can help you to realize...

by KitPloit in Devsecops, Secrets Management, Terraform Aws, Terraform Azure, Terraform Gcp, Web App, Wrongsecrets
May 31, 2022K0Otkit - Universal Post-Penetration Technique Which Could Be Used In Penetrations Against Kubernetes Clusters

k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters. With k0otkit, you can manipulate all the nodes in the target Kubernetes...

by KitPloit in Container Escape, Container Injection, Container Security, Fileless Attack, Hack K8S, K0Otkit, Kubernetes Security, Post Penetration, Reverse Shell
May 30, 2022Labtainers - A Docker-based Cyber Lab Framework

Labtainers include more than 50 cyber lab exercises and tools to build your own. Import a single VM appliance or install on a Linux system and your students...

by KitPloit in Cybersecurity, Docker, Labtainers, Whitelisting, Windows, Wireshark, Xterm
May 30, 2022PersistBOF - Tool To Help Automate Common Persistence Mechanisms

A tool to help automate common persistence mechanisms. Currently supports Print Monitor (SYSTEM), Time Provider (Network Service), Start folder shortcut hijacking (User), and Junction Folder (User) ...

by KitPloit in Hijacking, PersistBOF, Registry, Windows
May 29, 2022Mitmproxy2Swagger - Automagically Reverse-Engineer REST APIs Via Capturing Traffic

A tool for automatically converting mitmproxy captures to OpenAPI 3.0 specifications. This means that you can automatically reverse-engineer REST APIs by just running the apps and capturing the traffic. ...

by KitPloit in Mitmproxy2Swagger, Openapi, Reverse Engineering, Swagger
May 29, 2022Hakoriginfinder - Tool For Discovering The Origin Host Behind A Reverse Proxy. Useful For Bypassing Cloud WAFs!

Tool for discovering the origin host behind a reverse proxy. Useful for bypassing WAFs and other reverse proxies. How does it work? This tool will first...

by KitPloit in Bypassing, Hakoriginfinder, Reverse
May 28, 2022BinAbsInspector - Vulnerability Scanner For Binaries

BinAbsInspector (Binary Abstract Inspector) is a static analyzer for automated reverse engineering and scanning vulnerabilities in binaries, which is a long-term research project incubated at Keenlab. It is...

by KitPloit in BinAbsInspector, Binary Analysis, Reverse Engineering, Scanner, Scanning, Static Analyzer, vulnerabilities, Vulnerability, Vulnerability Scanner
May 28, 2022Stunner - Tool To Test And Exploit STUN, TURN And TURN Over TCP Servers

Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers. TURN is a protocol mostly used in videoconferencing and audio chats (WebRTC). If...

by KitPloit in Misconfiguration, Stunner, Webrtc, WebSocket, Wireshark
Archives
Categories
Tags
Bugbounty Cybersecurity Devsecops Dfir Distribution golang Information Gathering Infosec Kali Kali Linux Kerberos Linux Malware Analysis Malware Detection Microsoft mimikatz msfvenom NTLM OSINT Payload Penetration Testing Pentest Tool Pentesting Post Exploitation PowerShell Privilege Escalation Processes Python Python3 Recon Reconnaissance Red Team Red Teaming Redteam Redteam Tools Remote Research Reverse Engineering Scan Scanner Scanning Scripts Security Security Tools Shellcode SMB Spoofing SSH Static Analysis Subdomain Syscalls Testing Threat Hunting Threat Intelligence Toolkit Traffic Username vulnerabilities Vulnerability Vulnerability Scanners Vulnerable Win32 Windows Windows 10 Wireshark Wordlist XSS Yara Blueteam Subdomains Windows Defender Wrapper Redteaming Techniques