SpoofThatMail – Bash Script To Check If A Domain Or List Of Domains Can Be Spoofed Based In DMARC Records
Bash script to check if a domain or list of domains can be spoofed based in DMARC records File with...
tools
WannaRace – WebApp Intentionally Made Vulnerable To Race Condition For Practicing Race Condition
WebApp intentionally made Four vouchers worth 400 units available for recharge Task is to buy Mega box (which is worth 401...
PasteMonitor – Scrape Pastebin API To Collect Daily Pastes, Setup A Wordlist And Be Alerted By Email When You Have A Match
Scrape Before startBefore starting the tool, make sure to:Get a Pastebin PRO accountEnter the IP address of your machine in...
LACheck – Multithreaded C# .NET Assembly Local Administrative Privilege Enumeration
Multithreaded C# .NET Assembly Local Administrative Privilege Enumeration Arguments domain controller to query (if not ran on a domain-joined host)...
Shellcode-Encryptor – A Simple Shell Code Encryptor/Decryptor/Executor To Bypass Anti Virus
A simple shell code encryptor/decryptor/executor to bypass anti virus. Note: I have completely redone the work flow for creating the...
RCLocals – Linux Startup Analyzer
Inspired by 'Autoruns' from Sysinternals, RCLocals analyzes all Linux startup possibilities to find backdoors, also performs process integrity verification, scan...
Mortar – Evasion Technique To Defeat And Divert Detection And Prevention Of Security Products (AV/EDR/XDR)
red teaming evasion technique to defeat and divert detection and prevention of security products.Mortar Loader performs encryption and decryption of...
Log4J-Detect – Script To Detect The “Log4j” Java Library Vulnerability (CVE-2021-44228) For A List Of URLs With Multithreading
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreadingThe script...
Rustpad – Multi-Threaded Padding Oracle Attacks Against Any Service
A multi-threaded what now? rustpad is a multi-threaded successor to the classic padbuster, written in Rust. It abuses a Padding...
SyntheticSun – A Defense-In-Depth Security Automation And Monitoring Framework Which Utilizes Threat Intelligence, Machine Learning, Managed AWS Security Services And, Serverless Technologies To Continuously Prevent, Detect And Respond To Threats
SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services and,...
RPC Firewall – Stopping Lateral Movement via the RPC Firewall
I Need More InformationCheck out our RPC Firewall blog post to gain better understanding of RPC, RPC attacks and the...
Msmailprobe – Office 365 And Exchange Enumeration
Office 365 and Exchange EnumerationIt is widely known that OWA (Outlook Webapp) is vulnerable to time-based user enumeration attacks. This...
Lsarelayx – NTLM Relaying For Windows Made Easy
lsarelayx is system wide NTLM relay tool designed to relay incoming NTLM based authentication to the host it is running...
RiotPot – Resilient IoT And Operational Technology Honeypot
RIoTPot is an interoperable medium interaction honeypot, primarily focused on the emulation IoT and OT protocols, although, it is also...
Skrull – A Malware DRM, That Prevents Automatic Sample Submission By AV/EDR And Signature Scanning From Kernel
Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers...
PMAT-labs – Labs For Practical Malware Analysis And Triage
Welcome to the labs for Practical Cosmo?You may be wondering, why is there a picture of a handsome cat in...
Top 20 Most Popular Hacking Tools in 2021
As Happy New Year wishes the KitPloit team! If you like the site, please consider joining the telegram channel or...
Snap-Scraper – Snap Scraper Enables Users To Download Media Uploaded To Snapchat’s Snap Map Using A Set Of Latitude And Longitude Coordinates
Snap Scraper is an open source InstallationMacOSDownload the current linked binary in the most recent release. Using terminal ensure you...
SourceLeakHacker – A Multi Threads Web Application Source Leak Scanner
SourceLeakHacker is a muilt-threads web directories scanner.Installationpip install -r requirements.txtUsage dictionary scale --output OUTPUT output folder, default: result/YYYY-MM-DD hh:mm:ss --threads THREADS,...
Onionservice – Manage Your Onion Services Via CLI Or TUI On Unix-like Operating System With A POSIX Compliant Shell
Feature-rich Onion Service manager for UNIX-like operating systems written in POSIX conformant shellscriptA collection of EchosystemOnion Services are the Hidden...
NimHollow – Nim Implementation Of Process Hollowing Using Syscalls (PoC)
Playing around with the 2. Query created process to extract its base address pointer from PEB (Process Environment Block).3. Read...
Spamscanner – Spam Scanner Is The Best Anti-Spam, Email Filtering, And Phishing Prevention Service
Spam Scanner is the best anti-spam, email filtering, and phishing prevention service. Spam Scanner is a drop-in replacement and the...
Spray365 – Makes Spraying Microsoft Accounts (Office 365 / Azure AD) Easy Through Its Customizable Two-Step Password Spraying Approach
Spray365 is a password spraying tool that identifies valid credentials for Spraying Getting StartedInstallationClone the repository, install the required Python...
SQLbit – Just Another Script For Automatize Boolean-Based Blind SQL Injections
A script for automatize boolean-based blind SQL injections. Works with Note: please, use it only for your own servers or...
