RPC Firewall – Stopping Lateral Movement via the RPC Firewall
I Need More InformationCheck out our RPC Firewall blog post to gain better understanding of RPC, RPC attacks and the...
tools
Msmailprobe – Office 365 And Exchange Enumeration
Office 365 and Exchange EnumerationIt is widely known that OWA (Outlook Webapp) is vulnerable to time-based user enumeration attacks. This...
Lsarelayx – NTLM Relaying For Windows Made Easy
lsarelayx is system wide NTLM relay tool designed to relay incoming NTLM based authentication to the host it is running...
RiotPot – Resilient IoT And Operational Technology Honeypot
RIoTPot is an interoperable medium interaction honeypot, primarily focused on the emulation IoT and OT protocols, although, it is also...
Skrull – A Malware DRM, That Prevents Automatic Sample Submission By AV/EDR And Signature Scanning From Kernel
Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers...
PMAT-labs – Labs For Practical Malware Analysis And Triage
Welcome to the labs for Practical Cosmo?You may be wondering, why is there a picture of a handsome cat in...
Top 20 Most Popular Hacking Tools in 2021
As Happy New Year wishes the KitPloit team! If you like the site, please consider joining the telegram channel or...
Snap-Scraper – Snap Scraper Enables Users To Download Media Uploaded To Snapchat’s Snap Map Using A Set Of Latitude And Longitude Coordinates
Snap Scraper is an open source InstallationMacOSDownload the current linked binary in the most recent release. Using terminal ensure you...
SourceLeakHacker – A Multi Threads Web Application Source Leak Scanner
SourceLeakHacker is a muilt-threads web directories scanner.Installationpip install -r requirements.txtUsage dictionary scale --output OUTPUT output folder, default: result/YYYY-MM-DD hh:mm:ss --threads THREADS,...
Onionservice – Manage Your Onion Services Via CLI Or TUI On Unix-like Operating System With A POSIX Compliant Shell
Feature-rich Onion Service manager for UNIX-like operating systems written in POSIX conformant shellscriptA collection of EchosystemOnion Services are the Hidden...
NimHollow – Nim Implementation Of Process Hollowing Using Syscalls (PoC)
Playing around with the 2. Query created process to extract its base address pointer from PEB (Process Environment Block).3. Read...
Spamscanner – Spam Scanner Is The Best Anti-Spam, Email Filtering, And Phishing Prevention Service
Spam Scanner is the best anti-spam, email filtering, and phishing prevention service. Spam Scanner is a drop-in replacement and the...
Spray365 – Makes Spraying Microsoft Accounts (Office 365 / Azure AD) Easy Through Its Customizable Two-Step Password Spraying Approach
Spray365 is a password spraying tool that identifies valid credentials for Spraying Getting StartedInstallationClone the repository, install the required Python...
SQLbit – Just Another Script For Automatize Boolean-Based Blind SQL Injections
A script for automatize boolean-based blind SQL injections. Works with Note: please, use it only for your own servers or...
MultiPotato – Another Potato to get SYSTEM via SeImpersonate privileges
First of all - credit to CreateProcessAsUserW with SpoolSample trigger:c:tempMultiPotato> MultiPotato.exe -t CreateProcessAsUserW -p "pwnedpipespoolss" -e "C:tempstage2.exe"And trigger it viac:tempMultiPotato>MS-RPRN.exe...
TrojanSourceFinder – Help Find Trojan Source Vulnerability In Code
TrojanSourceFinder helps developers detect "Trojan Source" Homoglyph AlternativeAs mentioned by @ioah86 here, trojan source could also been detected w/ a one...
Umay – IoT Malware Similarity Analysis Platform
IoT This project provides IoT malware similarity analysis based on shared codes. It helps to identify other malwares that have...
MUI – A GUI Plugin For Binary Ninja To Easily Interact With And View The Progress Of Manticore
With the State Graph WidgetShows the provenance tree for a certain state selected in the list widget. Tab can be...
Web Cache Vulnerability Scanner – A Go-based CLI Tool For Testing For Web Cache Poisoning
Web Cache Vulnerability Scanner (WCVS) is a fast and versatile CLI scanner for web cache poisoning developed by Hackmanit.The scanner...
Mesh-Kridik – An Open-Source Security Checker That Performs Various Security Checks On A Kubernetes Cluster With Istio Service Mesh And Is Leveraged By OPA (Open Policy Agent) To Enforce Security Rules
Enhance your RequirementsGo 1.16+jqistioInstallationgit clone https://github.com/chen-keinan/mesh-kridikcd mesh-kridikmake buildNote: mesh-kridik require root user to be executedQuick StartExecute Mesh-Kridik without any flags...
Mariana Trench – Security Focused Static Analysis Tool For Android And Java Applications
Mariana Trench is a security focused The issue tells you that Mariana Trench found a remote code execution in MainActivity.onCreate...
log4j-scan – A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts
A fully automated, accurate, and extensive scanner for finding DescriptionWe have been researching the Log4J RCE (CVE-2021-44228) since it was...
Log4J-Detector – Detects Log4J versions on your file-system within any application that are vulnerable to CVE-2021-44228 and CVE-2021-45046
Detects Log4J versions on your file-system within any application that are vulnerable to CVE-2021-44228 and CVE-2021-45046. It is able to...
Jektor – A Windows User-Mode Shellcode Execution Tool That Demonstrates Various Techniques That Malware Uses
This utility focuses on shellcode Anti-virus detection?:Pre-pending a set of NOPs to a Msfvenom XOR encrypted shellcode payload while using...
