Miteru Miteru is an experimental phishing kit detection tool. How it works It collects phishing suspicious URLs from the following feeds: urlscan.io certstream-suspicious feed OpenPhish…
View More Miteru v0.12.0 releases: An experimental phishing kit detection tool
evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-factor authentication protection. This tool…
View More evilginx2 v2.3 releases: MITM attack framework that allow to bypass 2-factor authentication
DNSMORPH is a domain name permutation engine, inspired by dnstwist. It is written in Go making for a compact and very fast tool. It robustly handles any domain or…
View More dnsmorph v1.2.4 releases: domain name permutation engine
Squatm3 Squatm3 is a python tool designed to enumerate available domains generated modifying the original domain name through different techniques: Substitution attacks Flipping attack Homoglyph…
View More squatm3: enumerate available domains
trape (open source) People tracker on the Internet: Learn to track the world, to avoid being traced. Trape is an OSINT analysis and research tool, which allows…
View More trape v2.0 releases: People tracker on the Internet
evil-ssdp This tool responds to SSDP multicast discovery requests, posing as a generic UPNP device. Your spoofed device will magically appear in Windows Explorer on…
View More evil-ssdp: Spoof SSDP replies to phish for NTLM hashes on a network
Cartero A robust Phishing Framework with a full-featured CLI interface. The project was born out of necessity through of years of engagements with tools that…
View More Cartero – Social Engineering Framework
Invoke-NoShell Invoke-NoShell outputs a Mircosoft Office Word .doc file with an embedded macro. It allows the automation of multiple similar versions of files, allowing to…
View More Invoke-NoShell: All the Power with no Shell
CatMyPhish Search for a categorized domain that can be used during the red teaming engagement. Perfect to setup whitelisted domain for your Cobalt Strike beacon…
View More CatMyPhish: Search for categorized domain
The Social-Engineer Toolkit (SET) is specifically designed to perform advanced attacks against the human element. SET has quickly become a standard tool in a penetration…
View More Social-Engineer Toolkit (SET) v7.7.9 released