Security Training Share
mitm6 is a pentesting tool that exploits the default configuration of Windows to take over the default DNS server. It does this by replying to DHCPv6 messages, providing victims with a link-local IPv6 address...
Cuishark A protocol analyzer like a Wireshark on CUI. It is very-powerful protocol analyzer which has really rich UI. And you can use such a rich UI for protocol analysis on just CUI without...
rshijack tcp connection hijacker, rust rewrite of shijack from 2001. This was written for TAMUctf 2018, brick house 100. The target was a telnet server that was protected by 2FA. Since the challenge wasn’t authenticated, there...
haxxmap Some simple go tools to perform a Man-in-the-middle (MITM) attack on your IMAP server in case you forgot your password. Use case I forgot the password to my email account, but on my...
evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-factor authentication protection. This tool is a successor to Evilginx, released in 2017, which used...
The THC IPV6 ATTACK TOOLKIT comes already with lots of effective attacking tools: – parasite6: ICMPv6 neighbor solicitation/advertisement spoofer, puts you as man-in-the-middle, same as ARP mitm (and parasite) – alive6: an effective alive...
Morpheus – automated ettercap TCP/IP Hijacking tool Framework description It’s a Man-In-The-Middle (mitm) suite that allows users to manipulate tcp/udp data using ettercap, urlsnarf, msgsnarf and tcpkill as backend applications. but this tool main...
PCredz This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface....
PyRDP PyRDP is a Python 3 Remote Desktop Protocol (RDP) Man-in-the-Middle (MITM) and library. It features a few tools: RDP Man-in-the-Middle Logs credentials used to connect Steals data copied to the clipboard Saves a...
airpwn-ng The home of the new and improved version of airpwn. We force the target’s browser to do what we want Most tools of this type simply listen to what a browser does, and...
GRFICS GRFICS is a graphical realism framework for industrial control simulations that uses Unity 3D game engine graphics to lower the barrier to entry for industrial control system security. GRFICS provides users with a...
SSLsplit – transparent SSL/TLS interception Overview SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. It is intended to be useful for network forensics, application security analysis, and penetration testing. SSLsplit...
respounder A tool that detects the presence of a Responder in the network Identifies compromised machines before hackers run away with the loot (hashes) It sends LLMNR name resolution requests for made-up hostnames that do not...
evil-ssdp This tool responds to SSDP multicast discovery requests, posing as a generic UPNP device. Your spoofed device will magically appear in Windows Explorer on machines in your local network. Users who are tempted...
