May 1, 2022BackupOperatorToDA - From An Account Member Of The Group Backup Operators To Domain Admin Without RDP Or WinRM On The Domain Controller

If you compromise an account member of the group Backup Operators you can become the Domain Admin without RDP or WinRM on the Domain Controller. All credit...

by KitPloit in BackupOperatorToDA, WinRM
April 30, 2022Dora - Find Exposed API Keys Based On RegEx And Get Exploitation Methods For Some Of Keys That Are Found

Features Blazing fast as we are using ripgrep in backend Exploit/PoC steps for many of the API key, allowing to write a...

by KitPloit in Apikeys, Bugbounty, Bugcrowd, Dora, Ethical Hacking, Exploits, Hackerone, Infosec, Python
April 30, 2022Requests-Ip-Rotator - A Python Library To Utilize AWS API Gateway's Large IP Pool As A Proxy To Generate Pseudo-Infinite IPs For Web Scraping And Brute Forcing

A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing. This library will allow the...

by KitPloit in Apigateway, Requests-Ip-Rotator, Web Security
April 29, 2022Osinteye - Username Enumeration And Reconnaisance Suite

Username Enumeration And Reconnaisance Suite    Supported sites PyPI Github TestPypi About.me Instagram DockerHub Installation ...

by KitPloit in OSINT Tool, Osinteye, Testpypi, Username Checker, Username Enumeration
April 29, 2022Lupo - Malware IOC Extractor. Debugging Module For Malware Analysis Automation

Debugging module for Malware Analysis Automation For a step by step post on how to use Lupo, with images and instructions, please see this post: https://medium.com/@vishal_thakur/lupo-malware-ioc-extractor-cc86ae76b85d ...

by KitPloit in Lupo, OSINT, Research, WinDbg, Windows
April 28, 2022IOSSecuritySuite - iOS Platform Security And Anti-Tampering Swift Library

 iOS Security Suite is an advanced and easy-to-use platform security & anti-tampering library written in pure Swift! If you are developing for iOS and you want to...

by KitPloit in IOSSecuritySuite, Reverse Engineering, Security, SHA256, Socket, Swift
April 28, 2022Rip Raw - Small Tool To Analyse The Memory Of Compromised Linux Systems

Rip Raw is a small tool to analyse the memory of compromised Linux systems. It is similar in purpose to Bulk Extractor, but particularly focused on extracting...

by KitPloit in Dfir, Dfir Automation, Forensic Analysis, Forensics, Memory Forensics, Rip Raw, Rip Raw
April 27, 2022BITB - Browser In The Browser (BITB) Templates

Browser templates for Browser In The Browser (BITB) attack. More information: https://mrd0x.com/browser-in-the-browser-phishing-attack/ Usage Each folder has a index.html file which has 4 variables that must...

by KitPloit in BITB, Phishing, Windows
April 27, 2022O365-Doppelganger - A Quick Handy Script To Harvest Credentials Off Of A User During A Red Team And Get Execution Of A File From The User

O365-Doppelganger is NOT a replacement for hardcore phishing activities. There are several other tools which perform OAuth and OTA capture which is not the aim of O365-Doppelganger. ...

by KitPloit in O365-Doppelganger, Phishing, Red Team, Red Team Engagement, Windows
April 26, 2022VulFi - Plugin To IDA Pro Which Can Be Used To Assist During Bug Hunting In Binaries

The VulFi (Vulnerability Finder) tool is a plugin to IDA Pro which can be used to assist during bug hunting in binaries. Its main objective is to provide...

by KitPloit in IDA Plugin, IDA Pro, VulFi, Vulnerability Research
Archives
Categories
Tags
Bugbounty Cybersecurity Devsecops Dfir Distribution golang Information Gathering Infosec Kali Kali Linux Kerberos Linux Malware Analysis Malware Detection Microsoft mimikatz msfvenom NTLM OSINT Payload Penetration Testing Pentest Tool Pentesting Post Exploitation PowerShell Privilege Escalation Processes Python Python3 Recon Reconnaissance Red Team Red Teaming Redteam Redteam Tools Remote Research Reverse Engineering Scan Scanner Scanning Scripts Security Security Tools Shellcode SMB Spoofing SSH Static Analysis Subdomain Syscalls Testing Threat Hunting Threat Intelligence Toolkit Traffic Username vulnerabilities Vulnerability Vulnerability Scanners Vulnerable Win32 Windows Windows 10 Wireshark Wordlist XSS Yara Blueteam Subdomains Windows Defender Wrapper Redteaming Techniques