KitPloit - PenTest Tools!-- Web shell analyzer is a cross platform stand-alone binary built solely for the purpose of identifying, decoding, and tagging files that are suspected to be web shells. The web shell analyzer is the bigger brother to the web shell scanner project (http://github.com/tstillz/webshell-scan), which only scans files via regex, no decoding or … Continue reading Webshell-Analyzer – Web Shell Scanner And Analyzer
KitPloit - PenTest Tools!-- The Trident project is an automated password spraying tool developed to meet the following requirements: the ability to be deployed on several cloud platforms/execution providers the ability to schedule spraying campaigns in accordance with a target’s account lockout policy the ability to increase the IP pool that authentication attempts originate from … Continue reading Trident – Automated Password Spraying Tool
KitPloit - PenTest Tools!-- For a list of functions, their usage, and more, check out https://powerzure.readthedocs.io What is PowerZure? PowerZure is a PowerShell project created to assess and exploit resources within Microsoft’s cloud platform, Azure. PowerZure was created out of the need for a framework that can both perform reconnaissance and exploitation of Azure, AzureAD, … Continue reading PowerZure – PowerShell Framework To Assess Azure Security
KitPloit - PenTest Tools!-- This project allows you to easily spin up Active Directory labs in Azure with domain-joined workstations, Windows Event Forwarding, Kibana, and Sysmon using Terraform/Ansible. It exposes a high-level configuration file for your domain to allow you to customize users, groups and workstations. dns_name: hunter.labdc_name: DC-1initial_domain_admin: username: hunter password: MyAdDomain!organizational_units: {}users:- username: … Continue reading Adaz – Automatically Deploy Customizable Active Directory Labs In Azure
KitPloit - PenTest Tools!-- Collection of PowerShell functions a Red Teamer may use to collect data from a machine or gain access to a target. I added ps1 files for the commands that are included in the RedTeamEnum module. This will allow you to easily find and use only one command if that is all … Continue reading PowerShell-Red-Team – Collection Of PowerShell Functions A Red Teamer May Use To Collect Data From A Machine
KitPloit - PenTest Tools!-- APICheck is a complete toolset designed and created for testing REST APIs. Why APICheck APICheck focuses not only in the security testing and hacking use cases. The goal of the project is to become a complete toolset for DevSecOps cycles. The tools are aimed to diverse users profiles: Developers System Administrators … Continue reading APICheck – The DevSecOps Toolset For REST APIs
KitPloit - PenTest Tools!-- The Nethive Project provides a Security Information and Event Management (SIEM) insfrastructure empowered by CVSS automatic measurements. Features Machine Learning powered SQL Injection Detection Server-side XSS Detection based on Chrome's XSS Auditor Post-exploitation Detection powered by Auditbeat Bash Command History Tracker CVSS Measurement on Detected Attacks Realtime Log Storing powered by … Continue reading Nethive-Project – Restructured And Collaborated SIEM And CVSS Infrastructure
KitPloit - PenTest Tools!-- The purpose of this project is to analyse a raw binary firmware and determine automatically some of its features. This tool is compatible with all architectures as basically, it just does simple statistics on it. In order to compute the loading address, you will need the help of an external reverse … Continue reading Binbloom – Raw Binary Firmware Analysis Software
KitPloit - PenTest Tools!-- eDEX-UI is a fullscreen, cross-platform terminal emulator and system monitor that looks and feels like a sci-fi computer interface. Heavily inspired from the TRON Legacy movie effects (especially the Board Room sequence), the eDEX-UI project was originally meant to be "DEX-UI with less « art » and more « distributable software … Continue reading eDEX-UI – A Cross-Platform, Customizable Science Fiction Terminal Emulator With Advanced Monitoring &Touchscreen Support
KitPloit - PenTest Tools!-- Widevine is a Google-owned DRM system that's in use by many popular streaming services (Netflix, Spotify, etc.) to prevent media content from being downloaded. But Widevine's least secure security level, L3, as used in most browsers and PCs, is implemented 100% in software (i.e no hardware TEEs), thereby making it reversible … Continue reading Widevine-L3-Decryptor – A Chrome Extension That Demonstrates Bypassing Widevine L3 DRM
Hacker's Directory 