TheNote
RSS KitPloit - PenTest Tools! Note
GooglePlay AppStore

RSS KitPloit - PenTest Tools!

KitPloit is a comprehensive open-source cybersecurity framework, designed for systems operations, penetration testing, and cybersecurity education. It provides an extensive set of tools for conducting ethical hacking, security audits, and training users in penetration testing. The website aims to enhance ethical hacking and security awareness among users with its user-friendly graphical interface, which simplifies complex penetration testing procedures. It operates with multiple penetration testing platforms, and offers a flexible and expandable structure that is updated regularly to address new security challenges and exploit vectors.
RSS feeds.feedburner.com
KitPloit - PenTest Tools! kitploit.com
RSS Hunter RSS Hunter Aug 19, 2024

Thread Of Notes

Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices

This GitHub repository provides a collection of search queries, known as "dorks," for Shodan, a powerful tool used to search for Internet-connected devices. The dorks are designed to help security researchers discover potential vulnerabilities and configuration issues in various types of devices. This resource is helpful for both beginners and experienced information security professionals. By leveraging this repository, users can improve the security of their own networks and protect against potential attacks. The repository includes a wide range of search queries, including those for specific devices, software, and configurations. These queries can be used to identify potential vulnerabilities and weaknesses in devices and systems. The search queries are categorized by device type, software, and configuration, making it easier to find specific vulnerabilities. The repository is a valuable resource for security researchers, penetration testers, and system administrators. It provides a comprehensive list of search queries that can be used to identify potential vulnerabilities and weaknesses in devices and systems.
http://www.kitploit.com/2025/05/shodan-dorks-dorks-for-shodan-powerful.html kitploit.com
CdXz5zHNQW_NA0lCq5f1l.png
RSS Hunter RSS Hunter May 11, 2025

Pegasus-Pentest-Arsenal - A Comprehensive Web Application Security Testing Toolkit That Combines 10 Powerful Penetration Testing Features Into One Tool

Pegasus-Pentest-Arsenal is a comprehensive web application security testing toolkit that combines 10 powerful penetration testing features into one tool. The toolkit was created by Letda Kes Dr. Sobri, S.Kom, and is available on GitHub. The features of the toolkit include subdomain discovery, HTTP scanner, JWT token inspector, parameter pollution finder, CORS misconfiguration scanner, upload bypass tester, exposed .git directory finder, SSRF detector, blind SQL injection time delay detector, and local file inclusion mapper. The toolkit can be installed by cloning the repository, creating a virtual environment, and installing dependencies. The toolkit is for educational and authorized testing only and should be used responsibly and ethically. Users are responsible for obtaining proper authorization before testing any target, and the authors are not responsible for any misuse or damage caused by this tool. The toolkit is licensed under the MIT License, and users can contribute to the project by forking the repository, creating a feature branch, committing changes, pushing to the branch, and creating a pull request. The toolkit requires Python 3.8+ and certain packages listed in the requirements.txt file. The toolkit should be used for educational and authorized purposes only, and users should always obtain proper authorization before testing any target.
http://www.kitploit.com/2025/05/pegasus-pentest-arsenal-comprehensive.html kitploit.com
CdXz5zHNQW_sXCPCnIBu8.png
RSS Hunter RSS Hunter May 11, 2025

Witcher - Managing GitHub Advanced Security (GHAS) Controls At Scale

Witcher is a NodeJS tool designed to implement and monitor application security controls at scale in GitHub. It supports modules like GHAS, Dependabot, Secret Scanning, CodeQL, IaC, and Workflows. The tool allows users to enable, disable, check the status, and manage alerts for these modules across an organization. It can be installed and run using Docker, requiring environment variables for GitHub authentication and optional integrations. Witcher offers features like daily summaries, mass actions, and integrations with Slack, SIEM, and Jira. Repositories can be excluded from core functions via a configuration file. Common commands include listing GHAS status, enabling/disabling GHAS, and retrieving code scanning vulnerabilities. The daily summary provides a comprehensive overview of security statuses, including GHAS, Dependabot, and Code Scanning. Witcher excludes public, archived, and deprecated repositories from its operations and has a roadmap for future enhancements.
http://www.kitploit.com/2025/05/witcher-managing-github-advanced.html kitploit.com
CdXz5zHNQW_50DOgC2uCu.gif
RSS Hunter RSS Hunter May 9, 2025

ByeDPIAndroid - App To Bypass Censorship On Android

ByeDPIAndroid is an Android application designed to circumvent Deep Packet Inspection (DPI) and censorship by running a local SOCKS5 proxy. The app redirects all traffic through ByeDPI without requiring root access. It does not encrypt traffic or hide the user's IP address like a traditional VPN. Users can configure settings to bypass specific blocks, referencing ByeDPI documentation for details. The application is compatible with AdGuard when configured in proxy mode and added to AdGuard's exceptions. ByeDPIAndroid collects no user data, processing all traffic locally on the device. DPI is a traffic analysis technology used to block websites and services. The application relies on ByeDPI and hev-socks5-tunnel dependencies. Building the app requires JDK 8+, Android SDK, Android NDK, and CMake 3.22.1+. Installation can be done via Obtainium using the provided GitHub URL.
http://www.kitploit.com/2025/05/byedpiandroid-app-to-bypass-censorship.html kitploit.com
CdXz5zHNQW_hqEGqeSitv.png
RSS Hunter RSS Hunter May 8, 2025

API-s-for-OSINT - List Of API's For Gathering Information About Phone Numbers, Addresses, Domains Etc

This is a compilation of APIs helpful for automating Open Source Intelligence (OSINT) tasks. It covers various categories, including IOT/IP search engines like Shodan and Censys, offering device and host data. Universal OSINT APIs such as Social Links provide email and social media lookups, some at a cost. Phone number lookup and verification services include Numverify and Twilio, with varying pricing models. Address and ZIP code lookup APIs like Global Address and Google Maps Geocoding are listed, some providing free access. Services for people and document verification, such as Approuve.com and Onfido.com, are included, primarily for identity checks. Business and entity search APIs like Open Corporates and LinkedIn are provided for company information retrieval. Domain, DNS, and IP lookup tools like API OSINT DS and InfoDB API offer information on domains and IP addresses. Mobile app endpoint APIs and web scraping tools like WebScraping.AI are listed for mobile and web data extraction. Finally, the compilation includes APIs for WHOIS data, geolocation, Wi-Fi lookup, network information, finance, email validation, name analysis, leaked data searches, web archives, hash decryption, and cryptocurrency information.
http://www.kitploit.com/2025/05/api-s-for-osint-list-of-apis-for.html kitploit.com
CdXz5zHNQW_x8dnJkOiNl.png
RSS Hunter RSS Hunter May 7, 2025

Firecrawl-Mcp-Server - Official Firecrawl MCP Server - Adds Powerful Web Scraping To Cursor, Claude And Any Other LLM Clients

This document describes a Model Context Protocol (MCP) server implementation using Firecrawl for web scraping. The server offers features like web scraping with JS rendering, URL crawling, content extraction, and batch scraping. It supports both cloud and self-hosted Firecrawl instances and integrates with Cursor, Windsurf, and Claude Desktop. Installation instructions are provided for each platform, including configuration details for API keys and optional parameters. Several tools are available, including scrape, batch scrape, search, crawl, extract, deep research, and llms.txt generation tools. Each tool's usage and parameters are explained with examples. The server incorporates retry logic, credit usage monitoring, and rate limiting for robust operation. Comprehensive logging and error handling mechanisms are also included. Configuration examples demonstrate how to customize retry behavior, credit thresholds, and API endpoints. The server aims to provide a reliable and efficient solution for diverse web scraping tasks.
http://www.kitploit.com/2025/05/firecrawl-mcp-server-official-firecrawl.html kitploit.com
CdXz5zHNQW_RXN2SAZwZI.png
RSS Hunter RSS Hunter May 6, 2025

Deep-Live-Cam - Real Time Face Swap And One-Click Video Deepfake With Only A Single Image

Deep-Live-Cam is a real-time face-swap and video deepfake software requiring only a single image. It's intended for creative applications like animating characters and content creation but includes safeguards against misuse. The software prevents processing inappropriate content like nudity or graphic violence. Ethical usage requires user consent for real faces and clear labeling of deepfakes. Legal compliance is prioritized; the project may be shut down or watermarked if necessary. Users are solely responsible for their actions and adherence to legal and ethical standards. The software offers features like mouth masking, face mapping for multiple subjects, and live show capabilities. Installation requires technical skills; pre-built versions are available. GPU acceleration is supported for faster processing via CUDA, CoreML, DirectML, or OpenVINO. The software can operate in image/video or webcam modes, with options for various parameters and output quality.
http://www.kitploit.com/2025/05/deep-live-cam-real-time-face-swap-and.html kitploit.com
CdXz5zHNQW_z3A3BreRzS.gif
RSS Hunter RSS Hunter May 5, 2025

CAMEL - The First And The Best Multi-Agent Framework. Finding The Scaling Law Of Agents

CAMEL is an open-source community focused on discovering scaling laws for agents through large-scale studies. The framework supports various agents, tasks, prompts, models, and simulated environments to facilitate research. CAMEL's design principles emphasize evolvability, scalability, statefulness, and code-as-prompt for effective agent interaction. Researchers use CAMEL to simulate large-scale agent systems, enable dynamic communication, and equip agents with stateful memory. It supports multiple benchmarks, diverse agent types, and automates data generation, integrating seamlessly with various tools. CAMEL enables building data generation systems, task automation tools, and world simulations. Getting started is easy with pip install camel-ai, followed by setting up the OpenAI API key. The CAMEL tech stack includes modules for agents, agent societies, data generation, models, and memory. CAMEL encourages research contributions and provides synthetic datasets with visualizations of instructions and tasks. The platform offers practical cookbooks for building agents and multi-agent systems, including advanced features like RAG and knowledge graphs.
http://www.kitploit.com/2025/05/camel-first-and-best-multi-agent.html kitploit.com
CdXz5zHNQW_b9uCj0DQOK.png
RSS Hunter RSS Hunter May 4, 2025

Liam - Automatically Generates Beautiful And Easy-To-Read ER Diagrams From Your Database

Liam ERD is a tool that generates interactive ER diagrams from databases, making it easy to understand complex schemas. It has a beautiful and clean design with intuitive features like panning, zooming, and filtering. The tool can seamlessly turn existing database schemas into clear diagrams with zero configuration required. Liam ERD is optimized for both small and large projects, handling over 100 tables with high performance. The tool is fully open-source, allowing users to contribute to the project and shape it to fit their needs. To get started with public repositories, users can simply insert a URL into their schema file. For private repositories, users can run an interactive setup using a command. The project is open-source and welcomes support in the form of stars, which helps reach a wider audience and continue development. The full documentation for Liam ERD can be found on the website, and the roadmap outlines what's coming next. Overall, Liam ERD is a useful tool for visualizing complex databases with ease.
http://www.kitploit.com/2025/05/liam-automatically-generates-beautiful.html kitploit.com
CdXz5zHNQW_85GIdHT6rd.png
RSS Hunter RSS Hunter May 3, 2025

SubGPT - Find Subdomains With GPT, For Free

SubGPT is a free tool that uses BingGPT to find more subdomains based on a list of already discovered subdomains for a specific domain. The tool can be installed using pip or by cloning the GitHub repository and running the setup.py file. To use SubGPT, a Bing cookie is required, which can be obtained by installing a cookie editor extension, logging in to Bing.com", and copying the cookie. The standard way to run SubGPT is by specifying the input file, output file, and path to the cookies.json file. If no output file is specified, the output will be shown in the terminal. SubGPT can also be used to generate subdomains without resolving them by using the --dont-resolve option. The tool is designed to be used after discovering some subdomains using other methods, and it's important to ensure that the subdomains list only contains subdomains from one domain. SubGPT looks at A/CNAME records to determine whether a subdomain exists and can detect wildcard on first-level subdomains, handling it automatically.
http://www.kitploit.com/2025/05/subgpt-find-subdomains-with-gpt-for-free.html kitploit.com
CdXz5zHNQW_sawYAfQg4P.png
RSS Hunter RSS Hunter May 2, 2025

Uro - Declutters Url Lists For Crawling/Pentesting

Uro is a tool designed to refine URL lists for security testing by removing redundant and uninteresting entries. It operates without making HTTP requests, analyzing URLs based on their structure. Uro eliminates duplicate pages like paginated content, blog posts, and URLs differing only in parameter values. It also filters out common web resource files such as images, scripts, and stylesheets. Installation is typically done via pipx. Basic usage involves piping a URL list to uro. Advanced features include reading and writing URLs from files. Users can whitelist or blacklist specific file extensions. Granular filtering is available through options like "hasparams", "noext", and "vuln". Uro aims to provide a concise and relevant URL list for efficient security analysis.
http://www.kitploit.com/2025/05/uro-declutters-url-lists-for.html kitploit.com
CdXz5zHNQW_tGSxqUfN0q.png
RSS Hunter RSS Hunter May 2, 2025

Wshlient - A Simple Tool To Interact With Web Shells And Command Injection Vulnerabilities

Wshlient is a web shell client that is simple yet versatile, allowing users to create a shell by injecting commands into an HTTP request. To use Wshlient, users need to create a text file containing an HTTP request and specify where the commands should be injected. The tool only requires the "requests" library, which can be installed using pip or by running the requirements.txt file. Once installed, users can run Wshlient using the command "./wshlient.py -h" to view the help menu. The help menu displays the various options available, including enabling debug output, replacing whitespaces with $IFS, and disabling command URL encoding. Users can also specify tokens to mark the beginning and end of output. Wshlient is open to contributions, which can be made by using and sharing the tool, reporting bugs, suggesting features, or coding. The goal is to keep Wshlient simple and easy to use. The tool can be downloaded from its GitHub repository. Overall, Wshlient provides a convenient way to create a shell by injecting commands into an HTTP request.
http://www.kitploit.com/2025/04/wshlient-simple-tool-to-interact-with.html kitploit.com
CdXz5zHNQW_edJqbd7KwW.png
RSS Hunter RSS Hunter Apr 30, 2025

Pulsegram - Integrated Keylogger With Telegram

PulseGram is a keylogger integrated with a Telegram bot, designed for use in adversary simulations and security testing contexts. It captures keystrokes, clipboard content, and screenshots, sending the information to a configured Telegram bot. The tool is for educational purposes and security testing in authorized environments only, and unauthorized use may be illegal. PulseGram features keystroke capture, clipboard monitoring, periodic screenshots, and error logs. To install, clone the repository, install dependencies, and set up the Telegram bot token. The tool consists of three modules: pulsegram.py, helpers.py, and keylogger.py, which handle bot initialization, auxiliary functions, and keylogging, respectively. Users can configure the capture and sending time intervals for keystrokes, screenshots, and clipboard content. The project is licensed under the MIT License and contributions are welcome, but users must respect the code of conduct. Unauthorized use of PulseGram may violate local laws and privacy policies. The tool is available for download and should only be used in authorized environments.
http://www.kitploit.com/2025/04/pulsegram-integrated-keylogger-with.html kitploit.com
CdXz5zHNQW_ymBN5xmRKh.gif
RSS Hunter RSS Hunter Apr 29, 2025

Scrapling - An Undetectable, Powerful, Flexible, High-Performance Python Library That Makes Web Scraping Simple And Easy Again!

Scrapling is a high-performance, intelligent web scraping library for Python that adapts to website changes and outperforms popular alternatives. It provides powerful features while maintaining simplicity for both beginners and experts. Scrapling allows users to fetch websites as they prefer with async support, bypass anti-bot protections, and scrape data that survives website design changes. The library features smart element tracking, flexible selection, and smart content scraping. Scrapling is also highly performant, with lightning-fast speed, memory efficiency, and fast JSON serialization. The library has a developer-friendly API with powerful navigation, rich text processing, and auto selectors generation. To get started, users can install Scrapling using pip and then import the necessary fetchers and classes. Scrapling provides various fetchers, including Fetcher, AsyncFetcher, StealthyFetcher, and PlayWrightFetcher, each with its own features and configurations. The library also provides benchmarks comparing its performance to popular Python libraries, showing that Scrapling is on par with Scrapy and slightly faster than Lxml. Overall, Scrapling is a powerful and efficient web scraping library that makes it easy to extract data from websites.
http://www.kitploit.com/2025/04/scrapling-undetectable-powerful.html kitploit.com
CdXz5zHNQW_YvV3kdoDa6.png
RSS Hunter RSS Hunter Apr 28, 2025

VulnKnox - A Go-based Wrapper For The KNOXSS API To Automate XSS Vulnerability Testing

VulnKnox is a command-line tool written in Go that interfaces with the KNOXSS API to automate testing URLs for Cross-Site Scripting (XSS) vulnerabilities. It supports pipe input, configurable retries and timeouts, and advanced features like Advanced Filter Bypass and Flash Mode. The tool can be configured to use custom headers, proxy support, and Discord webhook integration for notifications. To use VulnKnox, users need to set up their configuration by obtaining a KNOXSS API key and editing the config.json file. The tool can be used to test single URLs or input files containing multiple URLs, with options for customizing the HTTP method, POST data, and output. VulnKnox provides detailed output with color-coded results, including indicators for successful XSS payloads, safe responses, errors, and skipped domains. The tool also provides a summary at the end of execution, including the number of requests made and successful XSS findings. Contributions to the project are welcome, and it is licensed under the MIT License. VulnKnox is a powerful tool for automating XSS vulnerability testing, and its advanced features make it a valuable asset for security professionals. Overall, VulnKnox is a versatile and customizable tool for identifying XSS vulnerabilities in web applications.
http://www.kitploit.com/2025/04/vulnknox-go-based-wrapper-for-knoxss.html kitploit.com
CdXz5zHNQW_tfTsFmxd0y.png
RSS Hunter RSS Hunter Apr 27, 2025

Camtruder - Advanced RTSP Camera Discovery and Vulnerability Assessment Tool

Camtruder is a high-performance RTSP camera discovery and vulnerability assessment tool written in Go. It efficiently scans and identifies vulnerable RTSP cameras across networks using various authentication methods and path combinations. The tool supports both targeted and internet-wide scanning capabilities. Key features include advanced scanning capabilities, screenshot capture, configurable output directory, location-based search, comprehensive authentication testing, smart path discovery, and high-performance architecture. Camtruder requires Go 1.19 or higher, ffmpeg for screenshot functionality, an internet connection, and root/administrator privileges for certain scanning modes. The tool can be installed using go install or by cloning the repository and building from source. Basic commands include scanning a single IP, network range, or location, as well as taking screenshots of discovered cameras. Advanced options include custom credentials, increased threads, and location search with raw output piped to other tools. Camtruder is intended for security research and authorized testing only, and users must ensure they have permission to scan target systems and comply with applicable laws and regulations.
http://www.kitploit.com/2025/04/camtruder-advanced-rtsp-camera.html kitploit.com
CdXz5zHNQW_Tf85mFzvbZ.png
RSS Hunter RSS Hunter Apr 26, 2025

Frogy2.0 - An Automated External Reconnaissance And Attack Surface Management (ASM) Toolkit

Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit that maps out an organization's entire internet presence, identifying assets, IP addresses, web applications, and metadata. It prioritizes assets from highest to lowest attractiveness from an attacker's perspective. The toolkit features comprehensive recon, live asset verification, in-depth web recon, smart prioritization, and professional reporting. Risk scoring is based on asset attractiveness, considering factors such as purpose, URLs found, login interfaces, HTTP status, TLS version, certificate expiry, missing security headers, open ports, and technology stack. Each factor contributes to the final risk score, helping bug bounty hunters and pentesters focus on the most promising targets. The tool generates a dynamic, color-coded HTML report with a modern design and dark/light theme toggle. The report provides a risk score for each asset, indicating a broader "attack surface" that adversaries could leverage. Frogy 2.0 helps security teams quickly prioritize which assets warrant deeper testing, focusing on those with high counts of open ports, advanced internal usage, missing headers, or login panels. The toolkit is easy to install and use, with a video demo available. The roadmap for future development includes adding security and compliance-related data, filtering column data, and enhancing prioritization for target picking.
http://www.kitploit.com/2025/04/frogy20-automated-external.html kitploit.com
CdXz5zHNQW_Zk9e5mcfkI.png
RSS Hunter RSS Hunter Apr 25, 2025

PEGASUS-NEO - A Comprehensive Penetration Testing Framework Designed For Security Professionals And Ethical Hackers. It Combines Multiple Security Tools And Custom Modules For Reconnaissance, Exploitation, Wireless Attacks, Web Hacking, And More

PEGASUS-NEO is a penetration testing framework for security professionals, offering tools for various attack vectors. It includes modules for reconnaissance, exploitation, wireless attacks, and web hacking. The framework is for educational and ethical purposes only; unauthorized use is illegal. The developers are not liable for misuse. The software is proprietary and its use is subject to copyright. Key features include password cracking, OSINT gathering, and various attack methodologies against networks and web applications. Installation requires Python 3.8+, Linux, and root privileges. Usage involves running the script and navigating a menu-driven interface. PEGASUS-NEO incorporates several well-known security tools and employs security features for source code protection. The project is currently closed-source, and support is provided through email. The software is licensed under a proprietary license.
http://www.kitploit.com/2025/04/pegasus-neo-comprehensive-penetration.html kitploit.com
CdXz5zHNQW_kbZuRYmZd6.png
RSS Hunter RSS Hunter Apr 24, 2025

Text4Shell-Exploit - A Custom Python-based Proof-Of-Concept (PoC) Exploit Targeting Text4Shell (CVE-2022-42889), A Critical Remote Code Execution Vulnerability In Apache Commons Text Versions < 1.10

A Python-based proof-of-concept exploit exists for Text4Shell (CVE-2022-42889), a critical vulnerability in Apache Commons Text. This vulnerability allows remote code execution in Java applications using the StringSubstitutor class with interpolation enabled. Exploitation occurs through injection of malicious expressions within the vulnerable parameter, often through the data query parameter. The exploit leverages the ${script:...} syntax to execute arbitrary system commands. This specific PoC uses a reverse shell payload sent via a POST request. Users must adapt the payload and request path based on the target application. The exploit is intended for educational and authorized penetration testing only. It has been tested against Apache Commons Text versions prior to 1.10.0. Users should exercise caution and use it responsibly.
http://www.kitploit.com/2025/04/text4shell-exploit-custom-python-based.html kitploit.com
CdXz5zHNQW_bONcr9b0D2.png
RSS Hunter RSS Hunter Apr 23, 2025

Ghost-Route - Ghost Route Detects If A Next JS Site Is Vulnerable To The Corrupt Middleware Bypass Bug (CVE-2025-29927)

A Python script called Ghost-Route checks Next.js websites for the CVE-2025-29927 vulnerability. This vulnerability allows unauthorized access to protected routes via a custom HTTP header. Next.js versions 11.1.4 and above are affected. The script requires cloning the repository and installing dependencies within a virtual environment. Users provide the target website's base URL and the protected path to test. An optional argument displays response headers. The tool is strictly for educational purposes and unauthorized use is discouraged. It is credited to Rachid A. Yasser Allam's research on Next.js and corrupt middleware. The script is released under the MIT License.
http://www.kitploit.com/2025/04/ghost-route-ghost-route-detects-if-next.html kitploit.com
CdXz5zHNQW_Ei4aqIy8PL.png
RSS Hunter RSS Hunter Apr 22, 2025

Bytesrevealer - Online Reverse Enginerring Viewer

Bytes Revealer is a browser-based tool for reverse engineering and binary analysis, targeting security researchers and developers. It offers features like hex viewing, data visualization, string extraction, entropy calculation, and file signature detection. Files up to 50MB are fully analyzed, while larger files up to 1.5GB have limited analysis capabilities. Built with Vue.js and utilizing web workers for performance, Bytes Revealer performs analysis client-side without storing data on a server. Key features include multiple data views, advanced search capabilities, and detailed string analysis. The tool can be used via Docker or installed locally after cloning the GitHub repository. Performance is optimized through chunked file processing and memory management. Bytes Revealer supports modern browsers and contributions are welcome through pull requests. Future enhancements include expanded file format support and advanced analysis features.
http://www.kitploit.com/2025/04/bytesrevealer-online-reverse.html kitploit.com
CdXz5zHNQW_ITCBevGcUQ.png
RSS Hunter RSS Hunter Apr 21, 2025

CentralizedFirewall - Provides A Firewall Manager API Designed To Centralize And Streamline The Management Of Firewall Configurations

The Firewall Manager API project installation begins by cloning the repository from GitHub. Next, the .env file needs editing to match the user's specific configuration. Docker Compose is used to start the API, running it in detached mode. The status of the running containers can be verified using the 'docker ps' command. To set up the firewall client, install the provided agent on the node server. Configuration involves creating a group and API key within the Firewall Manager, then editing the config.ini file on the node server with the API URL, API key, and hostname. Restart the firewall agent to apply changes and confirm its status. SIEM integration requires configuring the SIEM to send logs to the Firewall Manager using a specific POST request format detailed in the documentation. The Swagger documentation, available at the provided link, offers further details. Default credentials are provided, but can be changed in the settings. Finally, the project maintainers welcome sponsorship through GitHub Sponsors.
http://www.kitploit.com/2025/04/centralizedfirewall-provides-firewall.html kitploit.com
CdXz5zHNQW_hVlgVYMWAq.png
RSS Hunter RSS Hunter Apr 20, 2025

Maryam - Open-source Intelligence(OSINT) Framework

Maryam is an open-source framework for OSINT and data gathering, offering a modular design for efficient data harvesting. It supports various operating systems including Linux, FreeBSD, Darwin, and OSX, installable via pip. Users can install the latest version directly from the GitHub repository. Maryam offers diverse modules like DNS search, YouTube search, and Google search, controllable through command-line options. The framework supports multi-threading and API output in JSON format. Users can configure settings like proxy, user agent, and timeout. A web API can be launched for programmatic access. Contributions are encouraged, with guidelines available for adding modules and utilizing existing search engines. Bug reports and feature requests can be submitted through the issue tracker.
http://www.kitploit.com/2025/04/maryam-open-source-intelligenceosint.html kitploit.com
CdXz5zHNQW_nD9kiB5RdY.png
RSS Hunter RSS Hunter Apr 19, 2025

TruffleHog Explorer - A User-Friendly Web-Based Tool To Visualize And Analyze Data Extracted Using TruffleHog

TruffleHog Explorer is a web-based tool designed to visualize and analyze data from TruffleHog, a powerful open-source secrets detection tool. TruffleHog helps identify sensitive credentials like API keys and passwords within code repositories. The Explorer boasts an improved user interface with powerful filtering, export options, and batch operations, allowing security professionals to efficiently review potential secrets. Currently, the dashboard primarily supports GitHub TruffleHog JSON output, with future updates planned for broader compatibility. Key features include intuitive navigation, flexible filtering by various criteria, and bulk verification/rejection of findings. Users can export results in multiple formats and save sessions for later review. To use, clone the repository, open index.html in a browser, and upload TruffleHog JSON output files. Users can then filter, review findings, and export results as needed. The tool also offers dynamic sorting and automatic session backups.
http://www.kitploit.com/2025/04/trufflehog-explorer-user-friendly-web.html kitploit.com
CdXz5zHNQW_YOyMnnNSCo.png
RSS Hunter RSS Hunter Apr 18, 2025

PANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data

PANO is a powerful OSINT investigation platform that combines graph visualization, timeline analysis, and AI-powered tools to help users uncover hidden connections and patterns in their data. To get started, users can clone the repository, run the application, and follow the startup script to set up the Python environment and install dependencies. The platform offers various features, including interactive graph visualization, timeline analysis, map integration, entity management, and AI integration. Users can create investigations, add entities, discover connections, analyze patterns, and save their work for later use. The platform supports various entity types, including email addresses, usernames, websites, images, locations, events, and text content. The transform system allows users to automate operations to discover new information and relationships, and the AI integration provides natural language investigation assistance. Users can also create custom entities, transforms, and helpers to extend the platform's capabilities. Contributions to the platform are welcome, and users can fork the repository, make changes, test, and create a pull request to the main branch. The platform requires Windows or Linux, Python 3.11+, PySide6 for GUI, and an internet connection for online features. The project is licensed under the Creative Commons Attribution-NonCommercial License, allowing users to share, adapt, and build upon the material for non-commercial purposes.
http://www.kitploit.com/2025/04/pano-advanced-osint-investigation.html kitploit.com
CdXz5zHNQW_mAYkdcZm3j.png
RSS Hunter RSS Hunter Apr 17, 2025

Wappalyzer-Next - Python library that uses Wappalyzer extension (and its fingerprints) to detect technologies

Wappalyzer-Next is a command-line tool and Python library that detects technologies using the Wappalyzer extension and its fingerprints. It bypasses limitations of other projects that emerged after the official open-source project was discontinued. To install Wappalyzer, you need to install Firefox and geckodriver. Geckodriver can be downloaded from the official GitHub releases page and added to the system path. Wappalyzer can be installed as a command-line tool using pipx or as a library using pip. It can also be installed and run using Docker Compose. The tool can be used to scan single or multiple URLs, with options for authentication, output formats, and scan types. The Python library is available on PyPI and can be imported as wappalyzer, with a main function called analyze(). The analyze function takes parameters such as URL, scan type, threads, and cookie, and returns a dictionary with detected technologies. The scan types include 'fast', 'balanced', and 'full', which differ in the level of HTTP requests and browser emulation used.
http://www.kitploit.com/2025/04/wappalyzer-next-python-library-that.html kitploit.com
CdXz5zHNQW_KWKcFyzCXp.png
RSS Hunter RSS Hunter Apr 16, 2025

Telegram-Checker - A Python Tool For Checking Telegram Accounts Via Phone Numbers Or Usernames

The Telegram Phone Checker is a Python script that checks Telegram accounts using phone numbers or usernames. It features the ability to check single or multiple phone numbers and usernames, import numbers from a text file, and auto-download profile pictures. The script saves results as JSON files and provides detailed user information. It also has secure credential storage and allows users to clear saved credentials. To install the script, users need to clone the repository and install required packages using pip. The required packages are telethon, rich, click, and python-dotenv. Before running the script, users need to set up Telegram API credentials, their phone number, and a verification code. The script can be run from the command line and offers six options, including checking phone numbers or usernames from input or file, clearing saved credentials, and exiting. The results are saved in a results folder as JSON files and a profile_photos folder with downloaded profile pictures. The tool is for educational purposes only and users should respect Telegram's terms of service and user privacy.
http://www.kitploit.com/2025/04/telegram-checker-python-tool-for.html kitploit.com
CdXz5zHNQW_ajS0RENj9T.png
RSS Hunter RSS Hunter Apr 15, 2025

Torward - An Improved Version Based On The Torghost-Gn And Darktor Scripts, Designed To Enhance Anonymity On The Internet

Torward, based on torghost-gn and darktor, enhances online anonymity by forcing all computer traffic through the Tor network. It prevents data leaks and strengthens privacy. Key security improvements include IPv6 leak prevention by disabling IPv6 and routing all traffic through Tor. Stringent iptables rules block non-Tor traffic, forcing DNS queries through Tor and allowing only essential Tor port connections. The torward file ensures all traffic, including DNS, uses Tor. Installation involves cloning the GitHub repository and running the install script. Future improvements include displaying the exit node's IP address using the Tor API. Robust error handling for Tor disconnections and network issues is also planned. Torward aims to provide a higher level of anonymity and security for online activities. The tool significantly hardens system configurations against potential data leaks.
http://www.kitploit.com/2025/04/torward-improved-version-based-on.html kitploit.com
CdXz5zHNQW_YgLRgYHYhQ.png
RSS Hunter RSS Hunter Apr 14, 2025

Instagram-Brute-Force-2024 - Instagram Brute Force 2024 Compatible With Python 3.13 / X64 Bit / Only Chrome Browser

Instagram Brute Force CPU/GPU Supported 2024 (Use option 2 while running the script.) (Option 1 is on development) (Chrome should be downloaded in device.) Compatible and Tested (GUI Supported Operating Systems Only) Python 3.13 x64 bit Unix / Linux / Mac / Windows 8.1 and higherInstall Requirements pip install -r requirements.txt How to run python3 instagram_brute_force.py [instagram_username_without_hashtag] python3 instagram_brute_force.py mrx161 Download Instagram-Brute-Force-2024
http://www.kitploit.com/2025/04/instagram-brute-force-2024-instagram.html kitploit.com
CdXz5zHNQW_eXO2qJ5FDW.png
RSS Hunter RSS Hunter Apr 13, 2025

QuickResponseC2 - A Command & Control Server That Leverages QR Codes To Send Commands And Receive Results From Remote Systems

QuickResponseC2 is a stealthy Command and Control (C2) framework that enables indirect and covert communication between the attacker and victim machines via an intermediate HTTP/S server. It allows for command execution and result retrieval via QR codes, making it undetectable by IPS/IDS systems. The tool includes a built-in HTTP server that facilitates the victim machine's retrieval of command QR codes and sends results back to the server as QR code images. QuickResponseC2 operates under the radar, providing a covert way to interact with the victim machine without alerting security defenses. The tool is ideal for security assessments or testing command-and-control methodologies without being detected. It features a user-friendly command-line interface, allowing users to set up a C2 server, send commands, and receive results with ease. The tool automatically saves all QR codes to the server_files directory, using sequential filenames. Decoding and processing of result files are handled seamlessly. To use QuickResponseC2, users must first install the dependencies and then run the main.py file. The tool provides a demonstration and a workflow overview, outlining the steps involved in using QuickResponseC2. The developer welcomes contributions and pull requests to improve the tool.
http://www.kitploit.com/2025/04/quickresponsec2-command-control-server.html kitploit.com
CdXz5zHNQW_QQzCla0Wzl.png
RSS Hunter RSS Hunter Apr 12, 2025

Telegram-Scraper - A Powerful Python Script That Allows You To Scrape Messages And Media From Telegram Channels Using The Telethon Library

The Telegram-Scraper is a powerful Python script that allows users to scrape messages and media from Telegram channels using the Telethon library. It features real-time continuous scraping, media downloading, and data export capabilities. To use the script, users need Python 3.7 or higher, a Telegram account, and API credentials from Telegram. The script can scrape messages from multiple channels, download media files, and export data to JSON and CSV formats. It also has a resume capability, media reprocessing, and progress tracking. The script uses an interactive menu interface and stores data in SQLite databases. Media files are stored in a separate folder, and data can be exported in CSV and JSON formats. The script has features like continuous scraping, media handling, and error handling, but also has limitations such as respecting Telegram's rate limits and media download size limits. Contributions to the project are welcome, and it is licensed under the MIT License. The tool is for educational purposes only and users must respect Telegram's Terms of Service and use it responsibly and ethically.
http://www.kitploit.com/2025/04/telegram-scraper-powerful-python-script.html kitploit.com
CdXz5zHNQW_sZfFfy2uJy.png
RSS Hunter RSS Hunter Apr 11, 2025

Moukthar - Android Remote Administration Tool

Moukthar is a remote administration tool for Android devices that provides various features for monitoring and controlling the device. The tool can bypass permissions on Android 12 and below, and it includes a keylogger, notifications listener, SMS listener, phone call recording, image capturing, and video recording capabilities. It also has persistence, allowing it to remain active even after the device is restarted. The tool can read and write contacts, list installed applications, download and upload files, and get the device's location. To install Moukthar, users need to clone the repository, install required dependencies, and set up the database and web socket server. The tool includes a dashboard for viewing logs and controlling the device. There are some known issues with the tool, including problems with screenshot capture, image and video capture when the application is not in focus, and downloading files using the DownloadManager. The tool's developer has identified these issues and plans to address them in future updates. Moukthar is available for download on GitHub.
http://www.kitploit.com/2025/04/moukthar-android-remote-administration.html kitploit.com
CdXz5zHNQW_TvNzaDPWkJ.jpeg
RSS Hunter RSS Hunter Apr 10, 2025

Lobo Guará - Cyber Threat Intelligence Platform

Lobo Guará is a cybersecurity platform providing Cyber Threat Intelligence (CTI) tools. It offers features like SSL certificate searching and monitoring, enabling threat identification. A tracking link feature helps gather attacker device information. Domain and URL scanning provide details like WHOIS information, subdomains, and web paths. URL scanning generates screenshots and mirrors, aiding in takedowns of malicious sites, while URL monitoring automatically scans a URL upon reactivation. Lobo Guará also monitors data leaks from hacker forums and allows searching for compromised credentials. Threat intelligence feeds keep users informed of the latest threats. Installation is supported on Ubuntu and Red Hat, with Docker deployment also available. Dependencies include PostgreSQL, Python 3.12, ChromeDriver, Google Chrome, FFUF, and Subfinder. An online platform is accessible at https://loboguara.olivsec.com.br/.
http://www.kitploit.com/2025/04/lobo-guara-cyber-threat-intelligence.html kitploit.com
CdXz5zHNQW_iV0sBvuXkR.png
RSS Hunter RSS Hunter Apr 9, 2025

Telegram-Story-Scraper - A Python Script That Allows You To Automatically Scrape And Download Stories From Your Telegram Friends

This Python script uses Telethon to download Telegram stories from friends. It only accesses stories from friends who allow story viewing, due to Telegram API limitations. The script downloads photos and videos, saving metadata in an SQLite database and exporting to Excel. It runs continuously, checking for new stories at customizable intervals (defaulting to 60 seconds). Prerequisites include Python 3.7+, Telethon, openpyxl, schedule, and Telegram API credentials. Users need to obtain their API ID and hash from Telegram's API development tools. The script connects to Telegram, checks for new stories, downloads media, and stores data. It handles errors, retries failed downloads, and preserves state across runs. Media files are saved with unique filenames, and the script is licensed under the MIT License. The script is for educational purposes, and users must respect Telegram's terms of service and user privacy. Contributions are welcome.
http://www.kitploit.com/2025/04/telegram-story-scraper-python-script.html kitploit.com
CdXz5zHNQW_iF7It25ctI.png
RSS Hunter RSS Hunter Apr 8, 2025

gitGRAB - This Tool Is Designed To Interact With The GitHub API And Retrieve Specific User Details, Repository Information, And Commit Emails For A Given User

This tool is designed to interact with the GitHub API and retrieve specific user details, repository information, and commit emails for a given user.Install Requests pip install requests Execute the programpython3 gitgrab.py Download gitGRAB
http://www.kitploit.com/2025/04/gitgrab-this-tool-is-designed-to.html kitploit.com
CdXz5zHNQW_Nb2bOj2NOP.png
RSS Hunter RSS Hunter Apr 7, 2025

Lazywarden - Automatic Bitwarden Backup

Lazywarden is a Python automation tool that securely backs up and restores data from Bitwarden vaults, including attachments. It offers maximum security with AES-256 encryption and Argon2 key derivation. The tool automates backups and imports, ensuring data integrity with SHA-256 hash verification. Backups can be stored on multiple cloud services, including Dropbox, Google Drive, and more, as well as locally. Users receive real-time alerts on platforms like Discord, Telegram, and Slack. Lazywarden integrates with schedule management tools like CalDAV, Todoist, and Vikunja for seamless tracking and email notifications. The tool can be easily deployed with Docker Compose and allows for full automation and custom scheduling options. Additionally, Lazywarden enables the export of Bitwarden items to a KeePass database, including TOTP-seeded logins and attachments. With its features, Lazywarden provides a comprehensive backup and import system for Bitwarden users. The tool is available for download, offering a secure and automated solution for managing Bitwarden data.
http://www.kitploit.com/2025/04/lazywarden-automatic-bitwarden-backup.html kitploit.com
CdXz5zHNQW_9361Z7neJ9.png
RSS Hunter RSS Hunter Apr 5, 2025

Docf-Sec-Check - DockF-Sec-Check Helps To Make Your Dockerfile Commands More Secure

DocF-Sec-Check is a tool designed to enhance the security of Dockerfile commands. It aims to provide security notifications at different levels, including within the Dockerfile itself and in Docker images. Installation is possible via virtualenv, PyPI using pip, building from a Dockerfile, or directly from DockerHub. To use it from a Dockerfile or DockerHub, a local Dockerfile path needs to be specified for scanning. The tool can also be integrated into Python code by importing the DocFChecker class. Contributions and development details are available in the CONTRIBUTING.md file. The project is licensed under GPL-3.0, and support for the developer is welcomed through donations or GitHub Sponsors. The tool helps in identifying and addressing potential security vulnerabilities in Dockerfiles. It is developed and maintained by Osman Kandemir.
http://www.kitploit.com/2025/04/docf-sec-check-dockf-sec-check-helps-to.html kitploit.com
CdXz5zHNQW_6JEwJu9NNR.png
RSS Hunter RSS Hunter Apr 4, 2025

SafeLine - Serve As A Reverse Proxy To Protect Your Web Services From Attacks And Exploits

SafeLine is a self-hosted Web Application Firewall (WAF) designed to protect web applications from various attacks and exploits. It filters and monitors HTTP traffic between the web application and the Internet, safeguarding against SQL injection, XSS, code injection, and other threats. SafeLine operates as a reverse-proxy, shielding the server from exposure by filtering out malicious traffic before it reaches the server. Its core capabilities include defenses for web attacks, proactive bot abused defense, HTML & JS code encryption, IP-based rate limiting, and web access control lists. The WAF also features a live demo and offers several key features such as blocking web attacks, rate limiting to defend against DoS attacks, anti-bot challenges, authentication challenges, and dynamic protection through code encryption. SafeLine can be downloaded to enhance the security of web applications.
http://www.kitploit.com/2024/09/safeline-serve-as-reverse-proxy-to.html kitploit.com
RSS Hunter RSS Hunter Sep 24, 2024

PolyDrop - A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit

BYOSI (Bring-Your-Own-Script-Interpreter) is a technique that allows attackers to deliver a malicious script interpreter and source code to a target system, which can then be executed by the trusted script interpreter. PolyDrop is a tool that leverages 13 scripting languages to perform this attack. Many antivirus vendors, including MS-Defender, fail to detect malicious scripts in languages such as tcl, php, crystal, and julia. These languages are often ignored by AV vendors, allowing attackers to execute malicious code undetected. PolyDrop is currently undetectable by most mainstream Endpoint-Detection & Response vendors. Many vendors are unable to scan or process PHP file types, and even more are unable to accurately identify malicious PHP scripts. The maintainers of PolyDrop claim that their tool is for legitimate penetration testing and educational purposes only and are not responsible for its misuse. The tool is modular and designed to be updated with new features in the future. Users are advised to use the tool responsibly and in accordance with applicable laws. PolyDrop is available for download.
http://www.kitploit.com/2024/09/polydrop-byosi-bring-your-own-script.html kitploit.com
RSS Hunter RSS Hunter Sep 23, 2024

Secator - The Pentester'S Swiss Knife

Secator is a task and workflow runner designed for security assessments, supporting dozens of well-known security tools to improve productivity for pentesters and security researchers. It features a curated list of commands, unified input options, and unified output schema, as well as CLI and library usage. Secator also supports distributed options with Celery and allows for customization. The tool integrates with various security tools, including httpx, cariddi, gau, and gospider, among others. Secator can be installed using pipx, pip, Bash, Docker, or Docker Compose. After installation, users may need to install languages used by external tools, such as Go and Ruby, and install or update supported tools. Additionally, secator offers various addons, including support for Celery workers, Google Drive exporter, and MongoDB driver. To ensure proper installation, users can check the installation health using the secator health command. Secator provides various usage examples, including running fuzzing tasks, URL crawl workflows, and host scans. Users can also list all available tasks, workflows, and scans using the secator x --help, secator w --help, and secator s --help commands. For more information, users can refer to the complete documentation, getting started tutorial video, and Medium post.
http://www.kitploit.com/2024/09/secator-pentesters-swiss-knife.html kitploit.com
RSS Hunter RSS Hunter Sep 22, 2024

Damn-Vulnerable-Drone - An Intentionally Vulnerable Drone Hacking Simulator Based On The Popular ArduPilot/MAVLink Architecture, Providing A Realistic Environment For Hands-On Drone Hacking

The Damn Vulnerable Drone is a virtually simulated environment designed for offensive security professionals to safely learn and practice drone hacking techniques. It simulates real-world ArduPilot & MAVLink drone architectures and vulnerabilities, offering a hands-on experience in exploiting drone systems. The Damn Vulnerable Drone aims to enhance offensive security skills within a controlled environment, making it an invaluable tool for intermediate-level security professionals, pentesters, and hacking enthusiasts. The platform is open-source and available at no cost, addressing the substantial expenses often linked with drone hardware, hacking tools, and maintenance. The Damn Vulnerable Drone operates on the principle of Software-in-the-Loop (SITL), a simulation technique that allows users to run drone software as if it were executing on an actual drone, thereby replicating authentic drone behaviors and responses. ArduPilot's SITL allows for the execution of the drone's firmware within a virtual environment, mimicking the behavior of a real drone without the need for physical hardware. This simulation is further enhanced with Gazebo, a dynamic 3D robotics simulator, which provides a realistic environment and physics engine for the drone to interact with. The Damn Vulnerable Drone setup doesn't mirror every drone architecture or configuration, but the integrated tactics, techniques, and scenarios are broadly applicable across various drone systems, models, and communication protocols. The Damn Vulnerable Drone features a Docker-based environment, simulated wireless networking, onboard camera streaming and gimbal, companion computer web interface, QGroundControl/MAVProxy integration, MAVLink router integration, dynamic flight logging, management web console, comprehensive hacking scenarios, and detailed walkthroughs.
http://www.kitploit.com/2024/09/damn-vulnerable-drone-intentionally.html kitploit.com
RSS Hunter RSS Hunter Sep 21, 2024

File-Unpumper - Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add

File-unpumper is a powerful command-line utility for cleaning and analyzing Portable Executable files. It offers various features to help developers and security professionals work with PE files more effectively. The tool can fix and align PE headers, extract embedded resources, and analyze metadata. File-unpumper can also remove "pumped" or padded data from a PE file, resulting in a cleaned version of the executable. This feature is useful for malware analysis, reverse engineering, or reducing file size. The utility leverages parallel processing for efficient performance and displays a progress bar during the file cleaning process. File-unpumper is written in Rust and can be easily installed using the Cargo package manager. The tool provides various options, including fixing headers, extracting resources, and analyzing metadata. Users can perform multiple operations on a file by combining these options. Contributions to file-unpumper are welcome, and the tool is released under the MIT License.
http://www.kitploit.com/2024/09/file-unpumper-tool-that-can-be-used-to.html kitploit.com
RSS Hunter RSS Hunter Sep 20, 2024

Mass-Assigner - Simple Tool Made To Probe For Mass Assignment Vulnerability Through JSON Field Modification In HTTP Requests

Mass Assigner is a tool that identifies mass assignment vulnerabilities in web applications by retrieving data from a specified request and applying extracted parameters to a second request. It supports customization of HTTP methods, addition of custom headers, and rate-limiting. Mass Assigner ignores specified parameters during execution and supports nested arrays/objects in JSON data. Installation involves installing requirements using pip3. Arguments include --fetch-from, --target-req, --header, --proxy, --data, --rate-limit, --source-method, --target-method, and --ignore-params. Example usage demonstrates how to set parameters and specify custom headers, proxy, and data. Mass Assigner actively modifies server-side data, so authorization is required before use. Unauthorized or illegal activities are at the user's own risk. Future plans include support for additional content types. Download Mass Assigner to enhance your web application security testing.
http://www.kitploit.com/2024/09/mass-assigner-simple-tool-made-to-probe.html kitploit.com
RSS Hunter RSS Hunter Sep 19, 2024

Imperius - Make An Linux Kernel Rootkit Visible Again

A tool to make hidden LKM rootkits visible is being developed as part of ongoing research. The tool retrieves the memory address of the rootkit's visibility function and calls it to expose the rootkit, allowing for its removal. For kernels lacking the necessary address information, the tool scans kernel memory to locate and expose the rootkit. Additionally, an alternative method for removing LKM rootkits is under development but will be presented in the upcoming research.
http://www.kitploit.com/2024/09/imperius-make-linux-kernel-rootkit.html kitploit.com
RSS Hunter RSS Hunter Sep 18, 2024

BYOSI - Evade EDR's The Simple Way, By Not Touching Any Of The API's They Hook

EDR solutions tend to overlook scripting files, focusing on binary implants. This oversight presents an opportunity for attackers. BYOSI (Bring Your Own Scripting Interpreter) leverages this by utilizing signed scripting interpreters that bypass EDR detection. A PHP script, signed by its creator, can execute on systems protected by CrowdStrike and Trellix without triggering alerts. The script fetches and extracts a PHP archive, then executes the implant using the whitelisted PHP binary. This method evades EDR detection, allowing attackers to establish an active shell on the target system. Even PowerShell scripts can evade EDR detection with just four lines of code. GitHub's trusted deployer status further enhances the effectiveness of this attack. The script demonstrates the vulnerability of EDR solutions to scripting file attacks. The author emphasizes that they are not responsible for the misuse of this technique but highlight it as a significant blind spot in EDR protection. Modifications to the PHP script may be necessary to evade detection by Microsoft Defender. Sentinel One may also be vulnerable to this attack, as it reportedly cannot scan PHP file types.
http://www.kitploit.com/2024/09/byosi-evade-edrs-simple-way-by-not.html kitploit.com
RSS Hunter RSS Hunter Sep 17, 2024

Psobf - PowerShell Obfuscator

Psobf is a Go-based tool that obfuscates PowerShell scripts to hinder analysis and detection. It offers five obfuscation levels, from simple character splitting to script fragmentation. Each level adds complexity, with Level 4 utilizing compression and Level 5 fragmenting the script for runtime reconstruction. Variable names are also obfuscated. The tool is easy to use, requiring only the input script file, output file name, and desired obfuscation level as command-line arguments. Example obfuscated scripts are provided for each level, showcasing the transformation of the original script. Psobf is designed for educational and research purposes and should not be used for malicious activities.
http://www.kitploit.com/2024/09/psobf-powershell-obfuscator.html kitploit.com
RSS Hunter RSS Hunter Sep 16, 2024

DockerSpy - DockerSpy Searches For Images On Docker Hub And Extracts Sensitive Information Such As Authentication Secrets, Private Keys, And More

DockerSpy is a tool that scans Docker Hub for exposed secrets in container images. Docker Hub is a repository where developers store and share container images. By analyzing these images, DockerSpy can find sensitive information such as authentication secrets, private keys, and more. This can help organizations identify potential security risks, prevent data breaches, and enhance their overall security posture.DockerSpy works by using regular expressions to inspect the content of Docker images for sensitive information. It can be customized to meet specific needs by editing the regular expressions and ignored file extensions. DockerSpy is intended for educational and research purposes only, and users are responsible for ensuring that their use complies with applicable laws and regulations.To use DockerSpy, clone the repository, install the required dependencies, and run the tool from the terminal. The tool is open-source and contributions are welcome.DockerSpy is a valuable tool for organizations that want to improve the security of their containerized applications. It can help identify exposed secrets, prevent data breaches, and ensure compliance with security standards.
http://www.kitploit.com/2024/09/dockerspy-dockerspy-searches-for-images.html kitploit.com
RSS Hunter RSS Hunter Sep 14, 2024

Ashok - A OSINT Recon Tool, A.K.A Swiss Army Knife

Ashok is a fast reconnaissance tool designed for the reconnaissance phase of penetration testing, gathering information before actual attacks. It includes features like a Wayback Crawler Machine, Google Dorking without limits, Github Information Grabbing, Subdomain Identifier, and a CMS/Technology Detector with custom headers. To use Ashok, clone the repository, install the requirements, and refer to the detailed usage guide in the Wiki. Some key options include extracting HTTP headers, performing DNS and subdomain lookups, detecting CMS, and scanning ports. Ashok can also be launched using a lightweight Docker image. Credits include hackertarget for the tool's development.
http://www.kitploit.com/2024/06/ashok-osint-recon-tool-aka-swiss-army.html kitploit.com
RSS Hunter RSS Hunter Jun 26, 2024