ss7-fragz: Fragging SS7 for fun and profit
ss7-fragz: Fragging SS7 for fun and profit SS7 is nowadays transported over SIGTRAN. The SIGTRAN stack relies on IP and SCTP. Above the adaptation layer – M2UA, M2PA, M3UA -, the...
Category: Sniffing & Spoofing
MITMsmtp v0.0.2 released: an Evil SMTP Server for pentesting SMTP clients
MITMsmtp MITMsmtp is an Evil SMTP Server for pentesting SMTP clients to catch login credentials and mails sent over plain or SSL/TLS encrypted connections. The idea is to catch sensitive...
habu v0.1.6 released: Python Network Hacking Toolkit
Habu: Python Network Hacking Toolkit I’m developing Habu to teach (and learn) some concepts about Python and Network Hacking. These are basic functions that help with some tasks for Ethical...
mitm6 v0.3 releases: pwning IPv4 via IPv6
mitm6 is a pentesting tool that exploits the default configuration of Windows to take over the default DNS server. It does this by replying to DHCPv6 messages, providing victims with...
cuishark: A protocol analyzer like a wireshark on CUI
Cuishark A protocol analyzer like a Wireshark on CUI. It is very-powerful protocol analyzer which has really rich UI. And you can use such a rich UI for protocol analysis...
rshijack v0.4 releases: tcp connection hijacker, rust rewrite of shijack
rshijack tcp connection hijacker, rust rewrite of shijack from 2001. This was written for TAMUctf 2018, brick house 100. The target was a telnet server that was protected by 2FA. Since the...
haxxmap: Man-in-the-middle (MITM) attack on your IMAP server
haxxmap Some simple go tools to perform a Man-in-the-middle (MITM) attack on your IMAP server in case you forgot your password. Use case I forgot the password to my email...
evilginx2 v3.2 releases: MITM attack framework that allow to bypass 2-factor authentication
evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-factor authentication protection. This tool is a successor to Evilginx, released...
thc-ipv6 v3.8 release: IPv6 attack toolkit
The THC IPV6 ATTACK TOOLKIT comes already with lots of effective attacking tools: – parasite6: ICMPv6 neighbor solicitation/advertisement spoofer, puts you as man-in-the-middle, same as ARP mitm (and parasite) –...
morpheus: Automated Ettercap TCP/IP Hijacking Tool
Morpheus – automated ettercap TCP/IP Hijacking tool Framework description It’s a Man-In-The-Middle (mitm) suite that allows users to manipulate tcp/udp data using ettercap, urlsnarf, msgsnarf and tcpkill as backend applications....
PCredz: extracts Credit card numbers, NTLM, Kerberos, HTTP Basic, etc from a pcap file/from a live interface
PCredz This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or...
PyRDP v2.1 releases: Python 3 Remote Desktop Protocol Man-in-the-Middle
PyRDP PyRDP is a Python 3 Remote Desktop Protocol (RDP) Man-in-the-Middle (MITM) and library. It features a few tools: RDP Man-in-the-Middle Logs credentials used when connecting Steals data copied to...
airpwn-ng: framework for 802.11 (wireless) packet injection
airpwn-ng The home of the new and improved version of airpwn. We force the target’s browser to do what we want Most tools of this type simply listen to what...
GRFICS: Graphical Realism Framework for Industrial Control Simulations
GRFICS GRFICS is a graphical realism framework for industrial control simulations that uses Unity 3D game engine graphics to lower the barrier to entry for industrial control system security. GRFICS...
sslsplit v0.5.5 releases: Transparent SSL/TLS interception
SSLsplit – transparent SSL/TLS interception Overview SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. It is intended to be useful for network forensics, application security analysis,...
