The Modern Penetration Testing Framework
Modular • Extensible • Powerful
KittySploit is a next-generation penetration testing framework that combines the power of traditional CLI tools with modern web interfaces, AI-assisted analysis, and real-time collaboration. Whether you're a solo researcher or part of a security team, KittySploit provides everything you need for effective penetration testing.
- ** Fast & Modern** - Built with performance and usability in mind
- ** AI-Powered** - Intelligent vulnerability detection and module suggestions
- ** Collaborative** - Real-time team collaboration built-in
- ** Extensible** - Easy module development and marketplace integration
- ** Multi-Interface** - CLI, REST API, RPC, and Web interfaces
- ** Privacy-First** - Built-in Tor support for anonymous operations
Windows:
install\install.batLinux / macOS:
chmod +x install/install.sh && ./install/install.shStart using:
python kittyconsole.pyNeed detailed instructions? Check out our Complete Installation Guide
- AI-Powered Analysis - Automatically detects technologies and suggests exploits
- Real-Time Collaboration - Work with your team on the same traffic
- Smart Endpoint Discovery - Extracts REST APIs, GraphQL, WebSockets automatically
- Performance Analytics - Deep insights into response times and bottlenecks
- Request/Response Modification - Intercept and modify traffic on-the-fly
- VS Code-like Editor - Familiar editing experience with Monaco Editor
- Live Synchronization - Real-time code editing with your team
- Integrated Chat - Communicate while developing
- Module Development - Edit KittySploit modules directly in the browser
- Exploits - Comprehensive exploit library for various vulnerabilities
- Payloads - Multi-platform payload generation (Python, Bash, PHP, Zig)
- Scanners - Fast vulnerability detection and assessment
- Post-Exploitation - Information gathering, pivoting, persistence
- Workflows - Automate complex attack chains
- Browser Auxiliary - Interact with hooked browsers (keylogging, cookie harvesting, form capture)
- Browser Exploits - Browser-based exploits via JavaScript injection
- Auxiliary - Scanners, fuzzers, enumerators, and DoS modules
- Encoders - Payload encoding and obfuscation (Base64, XOR, Unicode, etc.)
- CLI - Powerful command-line interface
- REST API - Full framework control via HTTP
- RPC Server - Remote procedure calls for automation
- Web Interfaces - Beautiful web UIs for KittyProxy and KittyCollab
- Tor Integration - Route all traffic through Tor
- Session Management - Secure multi-protocol session handling
- Workspace Isolation - Separate workspaces for different projects
Interactive command-line interface with module management
Analyse technologies, endpoints,...
AI-powered web proxy with real-time collaboration
Real-time collaborative code editor
Interface for kittysploit framework available on a marketplace
- Python: 3.8 or higher
- Disk Space: 500 MB (for Zig compiler)
- Docker: Optional (for Docker environment modules)
The installer handles everything automatically:
Windows:
cd kittysploit-framework
install\install.batLinux / macOS:
cd kittysploit-framework
chmod +x install/install.sh
./install/install.shWhat gets installed:
- ✅ Python version check (3.8+)
- ✅ All required dependencies
- ✅ Zig compiler (0.16) for payload compilation
- ✅ Start scripts and shortcuts
For advanced users who prefer manual setup:
git clone https://github.com/your-username/kittysploit-framework.git
cd kittysploit-framework
python -m venv venv
source venv/bin/activate # Windows: venv\Scripts\activate
pip install -r install/requirements.txtDetailed installation guide: Installation.md
CLI Mode (Interactive):
python kittyconsole.pyREST API Server:
python kittyapi.py -H 0.0.0.0 -p 5000 -m "master_key"RPC Server:
python kittyrpc.py -H 0.0.0.0 -p 8888 -m "master_key"KittyProxy (Web Proxy):
python kittyproxy.py
# Access at http://localhost:8000KittyCollab (Collaborative Editor):
python kittycollab.py
# Access at http://localhost:5001# 1. Start KittySploit
python kittyconsole.py
# 2. Search for a module
kittysploit> search wordpress
# 3. Load an exploit
kittysploit> use exploits/http/wordpress_rce
# 4. Configure options
kittysploit (exploits/http/wordpress_rce)> set RHOST 192.168.1.100
kittysploit (exploits/http/wordpress_rce)> set RPORT 80
# 5. Execute
kittysploit (exploits/http/wordpress_rce)> runLearn more: Getting Started Guide • CLI Reference
KittySploit is built with a modular architecture:
┌─────────────────────────────────────────┐
│ KittySploit Framework │
├─────────────────────────────────────────┤
│ CLI │ REST API │ RPC │ Web UIs │
├─────────────────────────────────────────┤
│ Module System │ Sessions │ Tor │
│ Scanners │ Payloads │ Proxy │
│ Workflows │ Marketplace │
└─────────────────────────────────────────┘
📖 Deep dive: Architecture Documentation
Complete documentation is available in the Wiki:
- Installation Guide - Step-by-step installation
- Getting Started - Your first steps
- Examples - Real-world usage examples
- Modules - Using modules
- CLI Reference - All commands
- API Reference - REST API
- RPC Reference - RPC server
- KittyProxy - Web proxy with AI analysis
- KittyCollab - Collaborative editor
- Sessions - Session management
- Listeners - Connection handlers
- Payloads - Payload generation
- Scanners - Vulnerability detection
- Post-Exploitation - Post-exploit modules
- Workflows - Automation
- Configuration - Framework settings
- Tor Integration - Anonymous operations
- Marketplace - Module marketplace
- Development - Create your own modules
- FAQ - Frequently asked questions
- Troubleshooting - Problem solving
- Web application security testing
- Network penetration testing
- Post-exploitation activities
- Vulnerability assessment
- Exploit development
- Vulnerability research
- Security tool development
- Educational purposes
- Real-time team coordination
- Shared exploit development
- Collaborative analysis
- Knowledge sharing
- Automated vulnerability scanning
- Workflow automation
- CI/CD integration
- Custom tooling
KittyProxy automatically analyzes traffic and suggests relevant exploits and scanners based on detected technologies.
Work with your team in real-time using KittyCollab - no external tools needed.
Install modules from the community marketplace or create your own.
Built for performance, extensibility, and ease of use.
Built-in Tor support for anonymous operations when needed.
We welcome contributions! Whether it's:
- Bug reports
- Feature requests
- Documentation improvements
- Code contributions
- Module submissions
See our Contributing Guide for details.
- ✅ Active Development - Regular updates and improvements
- ✅ Stable - Production-ready for security testing
- ✅ Well Documented - Comprehensive wiki and examples
- ✅ Community Driven - Open source and community-focused
- Enhanced AI capabilities
- More module types
- Improved UI/UX
- Performance optimizations
- Additional protocol support
- Website: app.kittysploit.com - Official KittySploit web platform
- Documentation: Wiki
- Bug Reports: GitHub Issues
- IRC: irc.libera.chat/#KittySploit - Join our IRC channel for real-time support
KittySploit is a penetration testing tool intended for educational and authorized security purposes only.
- ✅ Use only on systems you own
- ✅ Get explicit written permission before testing
- ✅ Follow all applicable laws and regulations
- ✅ Respect privacy and data protection
- ❌ Never use for unauthorized access
- ❌ Never use to harm others
By using KittySploit, you agree to use it responsibly and ethically.
This project is licensed under the MIT License - see the LICENSE file for details.