Browsing category

MITM

Dolos Cloak – Automated 802.1X Bypass

Dolos Cloak is a Python script designed to help network penetration testers and red teamers bypass 802.1X solutions by using an advanced man-in-the-middle attack. The tool is able to piggyback on the wired connection of a victim device that is already allowed on the target network without kicking the victim device off the network. It […]

InveighZero – Windows C# LLMNR/mDNS/NBNS/DNS Spoofer/MITM Tool

InveighZero is a C# LLMNR/NBNS/mDNS/DNS spoofer and man-in-the-middle tool designed to assist penetration testers/red teamers that find themselves limited to a Windows system. This version shares many features with the PowerShell version of Inveigh. Privileged Mode Features (elevated admin required): SMB capture – packet sniffer based; LLMNR spoofer – packet sniffer based; NBNS spoofer – […]

TaBi – BGP Hijack Detection Tool

Developed since 2011 for the needs of the French Internet Resilience Observatory, TaBi is a framework that eases the detection of BGP IP prefix conflicts and their classification into BGP hijacking events. The term prefix hijacking refers to an event when an AS, called a hijacking AS, illegitimately advertises a prefix equal or more specific […]

Evilginx 2 – Advanced MiTM Attack Framework

Evilginx 2 is a MiTM Attack Framework used for phishing login credentials along with session cookies, which in turn allows bypassing 2-factor authentication protection. It’s a standalone application, fully written in Go, which implements its own HTTP and DNS server, making it extremely easy to set up and use. Disclaimer: Evilginx project is released for […]

Evilgrade – MITM Attack Framework

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries (agents), a working default configuration for fast pentests, and has its own WebServer and DNSServer modules. Easy to set up new settings, and has an autoconfiguration when new binary agents […]

ZigBee Security Research Toolkit: KillerBee

KillerBee framework is a tool for attacking ZigBee and IEEE 802.15.4 networks. KillerBee is designed to simplify the process of sniffing packets from the air interface or a supported packet capture file (libpcap or Daintree SNA), and for injecting arbitrary packets. Helper functions including IEEE 802.15.4, ZigBee NWK and ZigBee APS packet decoders are available […]

Tcpflow – To Monitor, Capture & Dump Packets

Tcpflow is a TCP/IP demultiplexer. Tcpflow is used to record traffic mainly between 2 hosts, although it can be used to monitor thousands of connections. Tcpflow differs from other tools by actually capturing the real data and dumping it to a file we specify. It can then be used for further analysis. One […]

Injectify – Perform Advanced MiTM Attacks On Websites With Ease

A modern BeEF-inspired framework for the 21st century. Cross-platform clients => Web [in-browser] and Desktop [Electron]. Created from scratch using pure NodeJS and TypeScript. What can it do? Create a reverse JavaScript shell between the victim and the attacker. Record keystrokes and log them to a database. Extract and log saved passwords from the browser. […]

NetRipper – Smart Traffic Sniffing for Penetration Testers

NetRipper is a post-exploitation tool targeting Windows systems which uses API hooking in order to intercept network traffic and encryption-related functions from a low-privileged user, being able to capture both plain-text traffic and encrypted traffic before encryption/after decryption. Legal disclaimer: Usage of NetRipper for attacking targets without prior mutual consent is illegal. […]

CoffeeMiner – Wireless MITM Cryptocurrency Mining Pool

Collaborative (MITM) cryptocurrency mining pool in WiFi networks. It will inject JavaScript into the HTML pages and force all the devices connected to a WiFi network to mine cryptocurrency for the attacker. This script performs an autonomous MITM attack on WiFi networks. Warning: this project is for academic/research purposes only. Concept: Performs a MITM attack to […]