April 15, 2022Shhhloader - SysWhispers Shellcode Loader

Shhhloader is a SysWhispers Shellcode Loader that is currently a Work in Progress. It takes raw shellcode as input and compiles a C++ stub that has been integrated...

by KitPloit in Shellcode, Shellcode Loader, Shhhloader, SysWhispers, Windows, Windows Defender
April 15, 2022modifyCertTemplate - ADCS Cert Template Modification And ACL Enumeration

This tool is designed to aid an operator in modifying ADCS certificate templates so that a created vulnerable state can be leveraged for privilege escalation (and then reset...

by KitPloit in Kerberos, Modification, modifyCertTemplate, NTLM, Privilege, Privilege Escalation, Vulnerable
April 14, 2022vAPI - Vulnerable Adversely Programmed Interface Which Is Self-Hostable API That Mimics OWASP API Top 10 Scenarios Through Exercises

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios in the means of Exercises. Requirements ...

by KitPloit in Apitop10, Appsec Tutorials, OWASP Top 10, Owasp Top Ten, vAPI, Vulnerable Application
April 14, 2022365Inspect - A PowerShell Script That Automates The Security Assessment Of Microsoft Office 365 Environments

Further the state of O365 security by authoring a PowerShell script that automates the security assessment of Microsoft Office 365 environments. Setup 365Inspect requires the administrative...

by KitPloit in 365Inspect, PowerShell, PowerShell Script, Scanning, Script, Scripts, Security Assessment
April 13, 2022Presshell - Quick And Dirty Wordpress Command Execution Shell

presshell Quick & dirty Wordpress Command Execution Shell. Execute shell commands on your wordpress server. Uploaded shell will probably be at <your-host>/wp-content/plugins/shell/shell.php ...

by KitPloit in Backdoor, Pentest, Presshell, Remote Code Execution, Wordpress, WordPress Plugin
April 13, 2022Melody - A Transparent Internet Sensor Built For Threat Intelligence

Melody Monitor the Internet's background noiseMelody is a transparent internet sensor built for threat intelligence and supported by a detection rule framework which allows you to tag...

by KitPloit in Internet Noise, Internet Sensor, Melody, Tag Packets, Threat Intelligence, Threat Monitoring, Vulnerable, Vulnerable Application
April 12, 2022Maat - Open-source Symbolic Execution Framework

Maat is an open-source Dynamic Symbolic Execution and Binary Analysis framework. It provides various functionalities such as symbolic execution, taint analysis, constraint solving, binary loading, environment simulation, and...

by KitPloit in Maat, Python, Reporting, Sleigh, Symbolic Execution
April 12, 2022NimPackt-v1 - Nim-based Assembly Packer And Shellcode Loader For Opsec And Profit

By Cas van Cooten (@chvancooten) With special thanks to Marcello Salvati (@byt3bl33der) and Fabian Mosch (@S3cur3Th1sSh1t) Description Update: NimPackt-v1 is among the worst code I...

by KitPloit in NimPackt-v1, Shellcode, Shellcode Loader, Static Analysis, Syscalls, Tracing, Windows, Winlogon
April 11, 2022LDAP shell - AD ACL Abuse

This repository contains a small tool inherited from ldap_shell (https://github.com/SecureAuthCorp/impacket/blob/master/impacket/examples/ldap_shell.py). Installation These tools are only compatible with Python 3.5+. Clone the repository from GitHub, install the...

by KitPloit in Python, LAPS, Passwords, GPO, LDAP shell, LDAP shell
April 11, 2022EvilSelenium - A Tool That Weaponizes Selenium To Attack Chromium Based Browsers

EvilSelenium is a new project that weaponizes Selenium to abuse Chromium-based browsers. The current features right now are: Steal stored credentials (via autofill) Steal...

by KitPloit in EvilSelenium, WhatsApp, Windows
Archives
Categories
Tags
Bugbounty Cybersecurity Devsecops Dfir Distribution golang Information Gathering Infosec Kali Kali Linux Kerberos Linux Malware Analysis Malware Detection Microsoft mimikatz msfvenom NTLM OSINT Payload Penetration Testing Pentest Tool Pentesting Post Exploitation PowerShell Privilege Escalation Processes Python Python3 Recon Reconnaissance Red Team Red Teaming Redteam Redteam Tools Remote Research Reverse Engineering Scan Scanner Scanning Scripts Security Security Tools Shellcode SMB Spoofing SSH Static Analysis Subdomain Syscalls Testing Threat Hunting Threat Intelligence Toolkit Traffic Username vulnerabilities Vulnerability Vulnerability Scanners Vulnerable Win32 Windows Windows 10 Wireshark Wordlist XSS Yara Blueteam Subdomains Windows Defender Wrapper Redteaming Techniques