Month: December 2018


Fud 100% services packages ready for sales

We offer a monthly Crypter service to make your files undetectable encrypted! this is how it works: You zip the files you want to encrypt and send them to our email then we will encrypt and make your files/file fud 100% (undetectable by any antivirus) and send them back to your email! We offer 3 packages: Standard Prenium Ultimate All those packages offer some unique futures to encrypt your file!  


Black Window 10 v2

  Black Window Enterprise 10 Codename : Polemos Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated ! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus os within windows. Offers the stability of a windows system…

Hacking Toolspenetration testingTUTORIALS

Penetration Testing on Group Policy Preferences

Hello Friends!! You might be aware of Group Policy Preferences in Windows Server 2008 that allows system administrators to set up specific configurations. It can be used to create username and encrypted password on machines. But do you know, that a normal user can elevate privilege to local administrator and probably compromise the security of the entire domain because passwords in preference items are not secured. Table of Content What is Group Policy Preferences? Why using GPP to create a user account is a…

Hacking Toolspenetration testingTUTORIALS

Exploiting Jenkins Groovy Script Console in Multiple Ways

Hello Friends!! There were so many possibilities to exploit Jenikins however we were interested in Script Console because Jenkins has lovely Groovy script console that permits anyone to run arbitrary Groovy scripts inside the Jenkins master runtime. Table of Content Jenkin’s Groovy Script Console Metasploit groovy Groovy executing shell commands -I Groovy executing shell commands -II Jenkin’s Groovy Script Console Jenkins features a nice Groovy script console which allows one to run arbitrary Groovy scripts within the Jenkins master runtime or in the runtime…


Hack the Box: Nightmare Walkthrough

Today we are going to solve another CTF challenge “Nightmare”. It is a retired vulnerable lab presented by Hack the Box for helping pentester’s to perform online penetration testing according to your experience level; they have a collection of vulnerable labs as challenges, from beginners to Expert level. Level: Intermediate Task: To find user.txt and root.txt file Note: Since these labs are online available therefore they have a static IP. The IP of Nightmare is Penetrating Methodology Network scanning (Nmap) Browsing IP address…

KitPloitMost Popular Hacking ToolsNEW TOOLS

Top 20 Most Popular Hacking Tools in 2018

It is the end of the year and we bring you the most popular tools of 2018 in Kitploit, we ordered the 20 tools that had most visitors from March to December 2018.For professionals working in information security, many of this tools are the same ones the hackers are using, to understand the holes in your system, you have to be able to see it in the same way that your potential adversaries can see it.Topics of the tools focus on OSINT, Information Gathering,…

EmailhunterEmailsInformation ExtractionInformation GatheringNEW TOOLSOSINT PythonPenetration TestShodanVisibility

Infoga – Email OSINT

Infoga is a tool gathering email accounts informations (ip,hostname,country,...) from different public source (search engines, pgp key servers and shodan) and check if emails was leaked using API. Is a really simple tool, but very effective for the early stages of a penetration test or just to know the visibility of your company in the Internet. Installation$ git clone infoga$ cd infoga$ python install$ python infoga.pyUsage$ python --domain --source all --breach -v 2 --report ../nsa_gov.txt$ python --info --breach…


ThunderDNS – Tool To Forward TCP Traffic Over DNS Protocol

This tool can forward TCP traffic over DNS protocol. Non-compile clients + socks5 support.RunSetting up NS records on our domain:Please wait for clearing DNS-cache.Simple server run:python3 ./ --domain oversec.ruSimple server run (Dockerfile):docker run <imageid> -e DOMAIN='<domain>'Simple client run (Bash):bash ./ -d -n <clientname>Simple client run (PowerShell):PS:> ./ps_client.ps1 -domain -clientname <clientname>Show registered clients list:python3 ./ --dns --dns_port 9091 --clientsRun proxy:python3 ./ --dns --dns_port 9091 --socks5 --localport 9090 --client 1Video demonstrationDownload ThunderDNS

Hacking Toolspenetration testingTUTORIALS

A Little Guide to SMB Enumeration

Enumeration is very essential phase of Penetration testing, because when a pentester established active connection with victim, then he try to retrieve as much as possible information of victim’s machine, which could be useful to exploit further. In this article, we had explore SMB enumeration using Kali Linux inbuilt command-line tools only. Table of Content Nmblookup nbtscan SMBMap Smbclient Rpcclient Nmap Enum4linux nmblookup nmblookup is used to query NetBIOS names and map them to IP addresses in a network using NetBIOS over TCP/IP queries.…

Hacking ToolsKali Linuxpenetration testingTUTORIALS

Defend against Brute Force Attack with Fail2ban

Daily we hear some news related to cybercrime just, like, some malicious users or bots has successfully defaced some publicly accessible website or some services. As we always try to explain through our articles, how such types of activities are possible when system is weak configured or misconfigured. Therefore, it is important to build some security measures such as IDS/IPS within firewall to defend your server and clients while configuring it. In this article we will show, how you can protect your network from…