MEDUZA – A More Or Less Universal SSL Unpinning Tool For iOS
"MEDUZA" ("медуза") means "jellyfish" in Ukrainian. What is MEDUZA? It's a Frida-based tool, my replacement for SSLKillSwitch. I created it for in-house use, but then decided to open-source it. TBH, I hate open source, but the world is full of compromises... :( How does it work? It's simple. First time, you run …
Tag: KitPloit – PenTest Tools!
Nuubi Tools – Information Ghatering, Scanner And Recon
Nuubi Tools: Information-ghatering|Scanner|Recon. Options: -h/--help | Show help message and exit. Arguments: -b/--banner | Banner grabing of target ip address; -s/--subnet | Subnetlookup of target; -c/--cms | Cms detect with headers; -d/--dns | Dnslookup of target domain; -e/--extract | Extract links from target url(https/http); -H/--http | Httpheaders of target url; -n/--nmap | …
DamnVulnerableCryptoApp – An App With Really Insecure Crypto
Why? If you try to learn a little bit more about crypto, either because you want to know how the attacks work or just because you want to do safe code, you end up diving really fast into the math behind the algorithms, and for a lot of people this is …
O365Enum – Enumerate Valid Usernames From Office 365 Using ActiveSync, Autodiscover V1, Or Office.Com Login Page
Enumerate valid usernames from Office 365 using ActiveSync, Autodiscover, or office.com login page. Usage: o365enum will read usernames from the file provided as first parameter. The file should have one username per line. The output is CSV-based for easier parsing. Valid status can be 0 (invalid user), 1 (valid user), 2 (valid …
Wave-Share – Serverless, Peer-To-Peer, Local File Sharing Through Sound
A proof-of-concept for WebRTC signaling using sound. Works with all devices that have microphone + speakers. Runs in the browser. Nearby devices negotiate the WebRTC connection by exchanging the necessary Session Description Protocol (SDP) data via a sequence of audio tones. Upon successful negotiation, a local WebRTC connection is established between …
Gitjacker – Leak Git Repositories From Misconfigured Websites
Gitjacker downloads git repositories and extracts their contents from sites where the .git directory has been mistakenly uploaded. It will still manage to recover a significant portion of a repository even where directory listings are disabled. For educational/penetration testing use only. Installation: curl -s "https://raw.githubusercontent.com/liamg/gitjacker/master/scripts/install.sh" | bash ...or grab a precompiled binary. …
NashaVM – A Virtual Machine For .NET Files And Its Runtime Was Made In C++/CLI
Nasha is a Virtual Machine for .NET files and its runtime was made in C++/CLI.
Installation:
git clone https://github.com/Mrakovic-ORG/NashaVM --recurse
cd NashaVM\NashaVM
nuget restore
msbuild
Limitations: Slow; Several instructions are not implemented; Can bug.
Dependencies: dnlib; .NET Framework 4.0; Visual C++ Redistributable.
Known issues: Incompatible with Linux based OS.
FAQ: What is this project for? …
SwiftBelt – A macOS Enumeration Tool Inspired By Harmjoy’s Windows-based Seatbelt Enumeration Tool
SwiftBelt is a macOS enumerator inspired by @harmjoy's Windows-based Seatbelt enumeration tool. SwiftBelt does not utilize any command line utilities and instead uses Swift code (leveraging the Cocoa Framework, Foundation libraries, OSAKit libraries, etc.) to perform system enumeration. This can be leveraged on the offensive side to perform enumeration once you …
C41N – An Automated Rogue Access Point Setup Tool
c41n is an automated Rogue Access Point setup tool. c41n provides automated setup of several types of Rogue Access Points, and Evil Twin attacks. c41n sets up an access point with user defined characteristics (interface, name and channel for the access point), sets up DHCP server for the access point, and …
vPrioritizer – Tool To Understand The Contextualized Risk (vPRisk) On Asset-Vulnerability Relationship Level Across The Organization
As indicated by sources like vulndb & cve, on a daily basis, approximately 50 new vulnerabilities become known to industry and it’s safe to assume that count is going to increase furthermore. It’s a huge number of vulnerabilities to assess and remediate effectively and quickly. So today organizations are focusing (or …










