Scrying – A Tool For Collecting RDP, Web And VNC Screenshots All In One Place

KitPloit - PenTest Tools: A new tool for collecting RDP, web and VNC screenshots all in one place. This tool is still a work-in-progress and should be mostly usable but is not yet complete. Please file any bugs or feature requests as GitHub issues. Caveats: Web screenshotting relies on Chromium or Google Chrome being installed. Motivation …

Awesome Android Security – A Curated List Of Android Security Materials And Resources For Pentesters And Bug Hunters

A curated list of Android Security materials and resources for pentesters and bug hunters. Blog: AAPG - Android application penetration testing guide; TikTok: three persistent arbitrary code executions and one theft of arbitrary files; Persistent arbitrary code execution in Android's Google Play Core Library: details, explanation and the PoC - CVE-2020-8913; Android: …

Grype – A Vulnerability Scanner For Container Images And Filesystems

A vulnerability scanner for container images and filesystems. Easily install the binary to try it out. Features: Scan the contents of a container image or filesystem to find known vulnerabilities. Find vulnerabilities for major operating system packages: Alpine, BusyBox, CentOS / Red Hat, Debian, Ubuntu. Find vulnerabilities for language-specific packages: Ruby …

TASER – Python3 Resource Library For Creating Security Related Tooling

TASER (Testing And SEcurity Resource) is a Python resource library used to simplify the process of creating offensive security tooling, especially tooling for web or external assessments. Its modular design makes it easy for code to be customized and re-purposed in a variety of scenarios. Key features: Easily invoke web spiders …

JWT-Hack – Tool To En/Decoding JWT, Generate Payload For JWT Attack And Very Fast Cracking (Dict/Bruteforce)

jwt-hack is a tool for hacking / security testing of JWT. It supports en/decoding JWT, generating payloads for JWT attacks, and very fast cracking (dict/bruteforce). Installation: go-get (dev version): $ go get -u github.com/hahwul/jwt-hack; homebrew: $ brew tap hahwul/jwt-hack, then $ brew install jwt-hack; snapcraft: $ sudo snap install jwt-hack. Usage: …

Decoder++ – An Extensible Application For Penetration Testers And Software Developers To Decode/Encode Data Into Various Formats

An extensible application for penetration testers and software developers to decode/encode data into various formats. Setup: Decoder++ can be either installed by using pip or by pulling the source from this repository:
# Install using pip
pip3 install decoder-plus-plus
Overview: This section provides you with an overview about the individual ways of interacting …

CobaltStrikeScan – Scan Files Or Process Memory For CobaltStrike Beacons And Parse Their Configuration

Scan files or process memory for Cobalt Strike beacons and parse their configuration. CobaltStrikeScan scans Windows process memory for evidence of DLL injection (classic or reflective injection) and performs a YARA scan on the target process' memory for Cobalt Strike v3 and v4 beacon signatures. Alternatively, CobaltStrikeScan can perform the same …

Manuka – A Modular OSINT Honeypot For Blue Teamers

Manuka is an open-source intelligence (OSINT) honeypot that monitors reconnaissance attempts by threat actors and generates actionable intelligence for Blue Teamers. It creates a simulated environment consisting of staged OSINT sources, such as social media profiles and leaked credentials, and tracks signs of adversary interest, closely aligning to MITRE’s PRE-ATT&CK framework. …

Pesidious – Malware Mutation Using Reinforcement Learning And Generative Adversarial Networks

Malware Mutation using Deep Reinforcement Learning and GANs. The purpose of the tool is to use artificial intelligence to mutate a malware (PE32 only) sample to bypass AI powered classifiers while keeping its functionality intact. In the past, notable work has been done in this domain with researchers either looking at …