Hetty – An HTTP Toolkit For Security Research

KitPloit - PenTest Tools!-- Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community.Features Man-in-the-middle (MITM) HTTP/1.1 proxy with logs Project based database storage (SQLite) Scope support Headless … Continue reading Hetty – An HTTP Toolkit For Security Research

JSMon – JavaScript Change Monitor for BugBounty

KitPloit - PenTest Tools!-- Using this script, you can configure a number of JavaScript files on websites that you want to monitor. Everytime you run this script, these files will be fetched and compared to the previously fetched version. If they have changed, you will be notified via Telegram with a message containing a link … Continue reading JSMon – JavaScript Change Monitor for BugBounty

Threagile – Agile Threat Modeling Toolkit

KitPloit - PenTest Tools!-- Threagile (see https://threagile.io for more details) is an open-source toolkit for agile threat modeling: It allows to model an architecture with its assets in an agile fashion as a YAML file directly inside the IDE. Upon execution of the Threagile toolkit all standard risk rules (as well as individual custom rules … Continue reading Threagile – Agile Threat Modeling Toolkit

GWTMap – Tool to help map the attack surface of Google Web Toolkit

KitPloit - PenTest Tools!-- GWTMap is a tool to help map the attack surface of Google Web Toolkit (GWT) based applications. The purpose of this tool is to facilitate the extraction of any service method endpoints buried within a modern GWT application's obfuscated client-side code, and attempt to generate example GWT-RPC requests payloads to interact … Continue reading GWTMap – Tool to help map the attack surface of Google Web Toolkit

Tempomail – Generate A Custom Email Address In 1 Second And Receive Emails

KitPloit - PenTest Tools!-- tempomail is a standalone binary that allows you to create a temporary email address in 1 Second and receive emails. It uses 1secmail's API. No dependencies required!Installation From Binary Download the pre-built binaries for different platforms from the releases page. Extract them using tar, move it to your $PATH and you're … Continue reading Tempomail – Generate A Custom Email Address In 1 Second And Receive Emails

Kraken – Cross-platform Yara Scanner Written In Go

KitPloit - PenTest Tools!-- Kraken is a simple cross-platform Yara scanner that can be built for Windows, Mac, FreeBSD and Linux. It is primarily intended for incident response, research and ad-hoc detections (not for endpoint protection). Following are the core features: Scan running executables and memory of running processes with provided Yara rules (leveraging go-yara). … Continue reading Kraken – Cross-platform Yara Scanner Written In Go

SwiftyInsta – Instagram Unofficial Private API Swift

KitPloit - PenTest Tools!-- Instagram offers two kinds of APIs to developers. The Instagram API Platform (extremely limited in functionality and close to being discontinued), and the Instagram Graph API for Business and Creator accounts only. However, Instagram apps rely on a third type of API, the so-called Private API or Unofficial API, and SwiftyInsta … Continue reading SwiftyInsta – Instagram Unofficial Private API Swift

Brutto – Easy Brute Forcing To Whatever You Want

KitPloit - PenTest Tools!-- Easy brute forcing to whatever you want, Its magic increasing values and direct.Implementation Clone git clone https://github.com/jofpin/brutto.git Download the latest version Install with Python: python setup.py install # So you import the libraryfrom brutto_easy import Brutto How to use Includes all the letters (A - Z ) in case sensitive. All … Continue reading Brutto – Easy Brute Forcing To Whatever You Want

Feroxbuster – A Fast, Simple, Recursive Content Discovery Tool Written In Rust

KitPloit - PenTest Tools!-- What the heck is a ferox anyway? Ferox is short for Ferric Oxide. Ferric Oxide, simply put, is rust. The name rustbuster was taken, so I decided on a variation. What's it do tho? feroxbuster is a tool designed to perform Forced Browsing. Forced browsing is an attack where the aim … Continue reading Feroxbuster – A Fast, Simple, Recursive Content Discovery Tool Written In Rust

DeepBlueCLI – a PowerShell Module for Threat Hunting via Windows Event Logs

KitPloit - PenTest Tools!-- DeepBlueCLI - a PowerShell Module for Threat Hunting via Windows Event Logs Eric Conrad, Backshore Communications, LLC deepblue at backshore dot net Twitter: @eric_conrad http://ericconrad.com Sample evtx files are in the .\evtx directoryUsage: .\DeepBlue.ps1 <event log name> <evtx filename> See the Set-ExecutionPolicy Readme if you receive a 'running scripts is disabled … Continue reading DeepBlueCLI – a PowerShell Module for Threat Hunting via Windows Event Logs