May 12, 2022Heyserial - Programmatically Create Hunting Rules For Deserialization Exploitation With Multiple Keywords, Gadget Chains, Object Types, Encodings, And Rule Types

Programmatically create hunting rules for deserialization exploitation with multiple keywords (e.g. cmd.exe) gadget chains (e.g. CommonsCollection) object types (e.g. ViewState, Java, Python Pickle,...

by KitPloit in Heyserial, Snort Rules Generate, Yara Rule Generator, Ysoserial
May 11, 2022DuplicateDump - Dumping LSASS With A Duplicated Handle From Custom LSA Plugin

DuplicateDump is a fork of MirrorDump with following modifications: DInovke implementation LSA plugin DLL written in C++ which could be clean up after dumping...

by KitPloit in Dumping, DuplicateDump, Redteam
May 11, 2022Kubeclarity - Tool For Detection And Management Of Software Bill Of Materials (SBOM) And Vulnerabilities Of Container Images And Filesystems

KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems. It scans both runtime K8s clusters and...

by KitPloit in Effortless Integrations, Kubeclarity, Kubernetes Security
May 10, 2022Spring4Shell-Poc - Spring Core RCE 0-day Vulnerability

Description of the vulnerability: https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html Construction of the POC: https://github.com/BobTheShoplifter/Spring4Shell-POC Steps to Build/Run Tested with JDK 11.0.14, Spring Boot 2.6.5, and Apache Tomcat 9.0.60 ...

by KitPloit in Spring Core Rce, Spring4Shell, Spring4Shell-POC, Springshell
May 10, 2022Spring4Shell-POC - Dockerized Spring4Shell (CVE-2022-22965) PoC Application And Exploit

This is a dockerized application that is vulnerable to the Spring4Shell vulnerability (CVE-2022-22965). Full Java source for the war is provided and modifiable, the war will get re-built...

by KitPloit in PoC, Spring4Shell-POC, Tomcat, Vulnerability, Vulnerable
May 10, 2022AutoResponder - Carbon Black Response IR Tool

What is it? AutoResponder is a tool aimed to help people to carry out their Incident Response tasks WITH the help of Carbon Black Response's awesome capabilities...

by KitPloit in AutoResponder, Win32, Windows, Wmi
May 8, 2022CVE-Tracker - With The Help Of This Automated Script, You Will Never Lose Track Of Recently Released CVEs

With the help of this automated script, you will never lose track of newly released CVEs. What does this powershell script do is exactly running the Microsoft Edge...

by KitPloit in CVE-Tracker, Microsoft, PowerShell, Procedure, vulnerabilities
May 7, 2022Zi - A Swiss Army Knife for Zsh - Unix Shell

A Swiss Army Knife for Zsh - Unix Shell.RoadmapSee the open issues for a list of proposed features (and known issues).Top Feature Requests (Add your votes using...

by KitPloit in Swiss Army Knife, Unix, Z Shell, Zi, Zsh
May 7, 2022GoSH - Golang Reverse/Bind Shell Generator

Golang reverse/bind shell generator. Description This tool generates a Go binary that launches a shell of the desired type on the targeted host. The shell...

by KitPloit in Bind Shell, golang, GoSH, Reverse Shell, Shell
May 6, 2022Email-Prediction-Asterisks - Script That Allows You To Identify The Emails Hidden Behind Asterisks

Email prediction asterisks is a script that allows you to identify the emails hidden behind asterisks. It is a perfect application for osint analysts and security forces. It...

by KitPloit in Email-Prediction-Asterisks, OSINT
Archives
Categories
Tags
Bugbounty Cybersecurity Devsecops Dfir Distribution golang Information Gathering Infosec Kali Kali Linux Kerberos Linux Malware Analysis Malware Detection Microsoft mimikatz msfvenom NTLM OSINT Payload Penetration Testing Pentest Tool Pentesting Post Exploitation PowerShell Privilege Escalation Processes Python Python3 Recon Reconnaissance Red Team Red Teaming Redteam Redteam Tools Remote Research Reverse Engineering Scan Scanner Scanning Scripts Security Security Tools Shellcode SMB Spoofing SSH Static Analysis Subdomain Syscalls Testing Threat Hunting Threat Intelligence Toolkit Traffic Username vulnerabilities Vulnerability Vulnerability Scanners Vulnerable Win32 Windows Windows 10 Wireshark Wordlist XSS Yara Blueteam Subdomains Windows Defender Wrapper Redteaming Techniques