Skip to content

SIA-IOTechnology/Kittysploit-framework

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

98 Commits
core
core
 
 
data
data
 
 
docs
docs
 
 
examples/marketplace_modules
examples/marketplace_modules
 
 
install
install
 
 
interfaces
interfaces
 
 
kittysploit
kittysploit
 
 
lib
lib
 
 
modules
modules
 
 
plugins
plugins
 
 
scripts
scripts
 
 
static
static
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
client_api.py
client_api.py
 
 
client_rpc.py
client_rpc.py
 
 
env_setup.py
env_setup.py
 
 
kittyapi.py
kittyapi.py
 
 
kittycollab.py
kittycollab.py
 
 
kittyconsole.py
kittyconsole.py
 
 
kittymcp_client.py
kittymcp_client.py
 
 
kittymcp_server.py
kittymcp_server.py
 
 
kittyosint.py
kittyosint.py
 
 
kittyproxy.py
kittyproxy.py
 
 
kittyrpc.py
kittyrpc.py
 
 
kittyupdate.py
kittyupdate.py
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

KittySploit Logo

KittySploit Framework

Kill In The TTY

The Modern Penetration Testing Framework

Python License Version Donate using Liberapay

Modular • Extensible • Powerful

DocumentationQuick StartScreenshotsWebsite

KittySploit Framework Banner

Install (Linux / macOS):

curl -fsSL https://raw.githubusercontent.com/SIA-IOTechnology/kittysploit-framework/main/install/install-standalone.sh | bash

What is KittySploit?

KittySploit is a next-generation penetration testing framework that combines the power of traditional CLI tools with modern web interfaces, AI-assisted analysis, and real-time collaboration. Whether you're a solo researcher or part of a security team, KittySploit provides everything you need for effective penetration testing.

Why Choose KittySploit?

  • ** Fast & Modern** - Built with performance and usability in mind
  • ** AI-Powered** - Intelligent vulnerability detection and module suggestions
  • ** Collaborative** - Real-time team collaboration built-in
  • ** Extensible** - Easy module development and marketplace integration
  • ** Multi-Interface** - CLI, REST API, RPC, and Web interfaces
  • ** Privacy-First** - Built-in Tor support for anonymous operations

Quick Start

Installation

One-line install (Linux / macOS) — clone + install in one command:

curl -fsSL https://raw.githubusercontent.com/SIA-IOTechnology/kittysploit-framework/main/install/install-standalone.sh | bash

Installs to ~/kittysploit-framework by default. To choose a directory:

curl -fsSL https://raw.githubusercontent.com/SIA-IOTechnology/kittysploit-framework/main/install/install-standalone.sh | bash -s -- /path/to/install

Windows:

install\install.bat

Linux / macOS (from existing clone):

chmod +x install/install.sh && ./install/install.sh

Install via pip (all platforms):

pip install kittysploit

Then run: kittysploit (console), kittyproxy (proxy UI), or kittyosint (OSINT).

From source (editable install):

git clone https://github.com/SIA-IOTechnology/kittysploit-framework.git
cd kittysploit-framework
pip install -e .

Start using (from clone, without pip):

python kittyconsole.py

Need detailed instructions? Check out our Complete Installation Guide

Key Features

KittyProxy - Intelligent Web Proxy

  • AI-Powered Analysis - Automatically detects technologies and suggests exploits
  • Real-Time Collaboration - Work with your team on the same traffic
  • Smart Endpoint Discovery - Extracts REST APIs, GraphQL, WebSockets automatically
  • Performance Analytics - Deep insights into response times and bottlenecks
  • Request/Response Modification - Intercept and modify traffic on-the-fly

KittyCollab - Real-Time Collaboration

  • VS Code-like Editor - Familiar editing experience with Monaco Editor
  • Live Synchronization - Real-time code editing with your team
  • Integrated Chat - Communicate while developing
  • Module Development - Edit KittySploit modules directly in the browser

KittyOsint - Intelligent Graph Mapping

Complete Module System

  • Exploits - Comprehensive exploit library for various vulnerabilities
  • Payloads - Multi-platform payload generation (Python, Bash, PHP, Zig)
  • Scanners - Fast vulnerability detection and assessment
  • Post-Exploitation - Information gathering, pivoting, persistence
  • Workflows - Automate complex attack chains
  • Browser Auxiliary - Interact with hooked browsers (keylogging, cookie harvesting, form capture)
  • Browser Exploits - Browser-based exploits via JavaScript injection
  • Auxiliary - Scanners, fuzzers, enumerators, and DoS modules
  • Encoders - Payload encoding and obfuscation (Base64, XOR, Unicode, etc.)

Multiple Interfaces

  • CLI - Powerful command-line interface
  • REST API - Full framework control via HTTP
  • RPC Server - Remote procedure calls for automation
  • Web Interfaces - Beautiful web UIs for KittyProxy and KittyCollab

Privacy & Security

  • Tor Integration - Route all traffic through Tor
  • Session Management - Secure multi-protocol session handling
  • Workspace Isolation - Separate workspaces for different projects

Screenshots

CLI Interface

CLI Interface Interactive command-line interface with module management

KittyProxy Web Interface

KittyProxy Analyze technologies, endpoints, and more

KittyProxy AI-powered web proxy with real-time collaboration

KittyCollab Editor

KittyCollab Real-time collaborative code editor

KittyOsint

KittyOsint OSINT — intelligent graph mapping

Module Marketplace

Marketplace KittySploit module marketplace

Requirements

  • Python: 3.8 or higher
  • Disk Space: 500 MB (for Zig compiler)
  • Docker: Optional (for Docker environment modules)

Installation

Automatic Installation (Recommended)

The installer handles everything automatically:

Linux / macOS — one line (clone + install):

curl -fsSL https://raw.githubusercontent.com/SIA-IOTechnology/kittysploit-framework/main/install/install-standalone.sh | bash

Windows:

cd kittysploit-framework
install\install.bat

Linux / macOS (from existing clone):

cd kittysploit-framework
chmod +x install/install.sh
./install/install.sh

What gets installed:

  • ✅ Python version check (3.8+)
  • ✅ All required dependencies
  • ✅ Zig compiler (0.16) for payload compilation
  • ✅ Start scripts and shortcuts

Manual Installation

For advanced users who prefer manual setup:

git clone https://github.com/SIA-IOTechnology/Kittysploit-framework
cd kittysploit-framework
python -m venv venv
source venv/bin/activate  # Windows: venv\Scripts\activate
pip install -r install/requirements.txt

Detailed installation guide: Installation.md

Usage

Start KittySploit

CLI Mode (Interactive):

python kittyconsole.py

CLI Mode + Integrated Proxy:

python kittyconsole.py --proxy --proxy-port 8888 --proxy-mode http

REST API Server:

python kittyapi.py -H 0.0.0.0 -p 5000 -m "master_key"

RPC Server:

python kittyrpc.py -H 0.0.0.0 -p 8888 -m "master_key"

Autonomous agent

The built-in agent command runs an autonomous reconnaissance, scanning, optional exploitation, and reporting workflow against a target. It uses the module catalog and can optionally call a local LLM (Ollama-compatible) to plan which modules to run next.

From an installed kittysploit command:

kittysploit agent example.com
kittysploit agent https://example.com --threads 10
kittysploit agent example.com --protocol http
kittysploit agent example.com --no-exploit

From a source checkout:

python kittyconsole.py agent example.com

Local LLM-assisted planning (default chat endpoint http://127.0.0.1:11434/api/chat):

kittysploit agent example.com --llm-local --llm-model llama3.1:8b
kittysploit agent example.com --llm-local --llm-model llama3.1:8b --llm-endpoint http://127.0.0.1:11434/api/chat

Tune catalog breadth:

kittysploit agent example.com --max-modules 40 --recon-modules 12

When the run finishes successfully, a report path is printed (under reports/agent/ by default). If new sessions were opened, the agent may drop you into an interactive session on the most recent one.

Use kittysploit agent -h (or agent with no target inside the console) for the full usage text.

Natural Language Client

kittymcp_client.py lets you control KittySploit in natural language without using an external MCP client.

Interactive mode:

python3 kittymcp_client.py \
  --master-key "master_key" \
  --accept-charter \
  --ollama \
  --ollama-model mistral:7b-instruct-q4_0

Then type requests directly:

kittymcp> search for a WordPress module
kittymcp> explain the KittySploit framework
kittymcp> /run use a WordPress module and show the options

One-shot mode:

python3 kittymcp_client.py \
  --master-key "master_key" \
  --accept-charter \
  --ollama \
  --ollama-model mistral:7b-instruct-q4_0 \
  "search for a WordPress module"

Plan and execute the first recommended command:

python3 kittymcp_client.py \
  --master-key "master_key" \
  --accept-charter \
  --ollama \
  --ollama-model mistral:7b-instruct-q4_0 \
  --run \
  "use a WordPress module and prepare the scan"

If you prefer using environment variables:

export KITTYSPLOIT_MASTER_KEY="master_key"
export KITTYMCP_OLLAMA_ENABLED=1
export KITTYMCP_OLLAMA_MODEL="mistral:7b-instruct-q4_0"
python3 kittymcp_client.py

Start Components

KittyProxy (Web Proxy):

python kittyproxy.py
# Access at http://localhost:8000

KittyCollab (Collaborative Editor):

python kittycollab.py
# Access at http://localhost:5001

Your First Exploit

# 1. Start KittySploit
python kittyconsole.py

# 2. Search for a module
kittysploit> search wordpress

# 3. Load an exploit
kittysploit> use exploits/http/wordpress_rce

# 4. Configure options
kittysploit (exploits/http/wordpress_rce)> set RHOST 192.168.1.100
kittysploit (exploits/http/wordpress_rce)> set RPORT 80

# 5. Execute
kittysploit (exploits/http/wordpress_rce)> run

Learn more: Getting Started GuideCLI Reference

Architecture

KittySploit is built with a modular architecture:

┌─────────────────────────────────────────┐
│         KittySploit Framework           │
├─────────────────────────────────────────┤
│  CLI  │  REST API  │  RPC  │  Web UIs   │
├─────────────────────────────────────────┤
│  Module System  │  Sessions  │  Tor     │
│  Scanners       │  Payloads  │  Proxy   │
│  Workflows      │  Marketplace          │
└─────────────────────────────────────────┘

📖 Deep dive: Architecture Documentation

Documentation

Complete documentation is available in the Wiki:

Getting Started

Core Documentation

Components

Advanced

Help

Use Cases

Penetration Testing

  • Web application security testing
  • Network penetration testing
  • Post-exploitation activities
  • Vulnerability assessment

Security Research

  • Exploit development
  • Vulnerability research
  • Security tool development
  • Educational purposes

Team Collaboration

  • Real-time team coordination
  • Shared exploit development
  • Collaborative analysis
  • Knowledge sharing

Automation

  • Automated vulnerability scanning
  • Workflow automation
  • CI/CD integration
  • Custom tooling

What Makes KittySploit Special?

AI-Powered Intelligence

KittyProxy automatically analyzes traffic and suggests relevant exploits and scanners based on detected technologies.

Built-in Collaboration

Work with your team in real-time using KittyCollab - no external tools needed.

Extensible Marketplace

Install modules from the community marketplace or create your own.

Modern Architecture

Built for performance, extensibility, and ease of use.

Privacy First

Built-in Tor support for anonymous operations when needed.

Contributing

We welcome contributions! Whether it's:

  • Bug reports
  • Feature requests
  • Documentation improvements
  • Code contributions
  • Module submissions

See our Contributing Guide for details.

Project Status

  • Active Development - Regular updates and improvements
  • Stable - Production-ready for security testing
  • Well Documented - Comprehensive wiki and examples
  • Community Driven - Open source and community-focused

Roadmap

  • Enhanced AI capabilities
  • More module types
  • Improved UI/UX
  • Performance optimizations
  • Additional protocol support

Support & Community

  • Website: app.kittysploit.com - Official KittySploit web platform
  • Documentation: Wiki
  • Bug Reports: GitHub Issues
  • IRC: irc.libera.chat/#KittySploit - Join our IRC channel for real-time support

⚠️ Legal & Ethical Use

KittySploit is a penetration testing tool intended for educational and authorized security purposes only.

  • ✅ Use only on systems you own
  • ✅ Get explicit written permission before testing
  • ✅ Follow all applicable laws and regulations
  • ✅ Respect privacy and data protection
  • ❌ Never use for unauthorized access
  • ❌ Never use to harm others

By using KittySploit, you agree to use it responsibly and ethically.

📄 License

This project is licensed under the MIT License - see the LICENSE file for details.

Made with ❤️ by the KittySploit Team

🌐 Website

Donate using Liberapay

About

Python Exploitation Framework

kittysploit.com

Topics

python marketplace exploit proxy collaboration interceptor post-exploitation exploitation-framework pivoting proxy-web

Resources

Readme

License

MIT license
Activity

Stars

39 stars

Watchers

0 watching

Forks

2 forks
Report repository

Releases 1

KittySploit v1.0.2 Latest
Apr 7, 2026

Contributors

Languages