Category: Social Engineering
O365-Doppelganger O365-Doppelganger is NOT a replacement for hardcore phishing activities. There are several other tools which perform OAuth and OTA capture which is not the aim of O365-Doppelganger. O365-Doppelganger is a quick handy script...
Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities. The tool re-implements the 15-years old idea of using a custom reverse proxy to dynamically interact with the origin to be targeted,...
Goblin for Phishing Exercise Tools Goblin is a phishing rehearsal tool for red-blue confrontation. By using a reverse proxy, it is possible to obtain information about a user without affecting the user’s operation perceptibly...
dnstwits See what sort of trouble users can get in trying to type your domain name. Find similar-looking domains that adversaries can use to attack you. Can detect typosquatters, phishing attacks, fraud, and corporate...
SniperPhish SniperPhish is a phishing toolkit for pentester or security professionals to enhance user awareness by simulating real-world phishing attacks. SniperPhish helps to combine both phishing emails and phishing websites you created to centrally...
What is Phishious? Phishious is an open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers and developed by the team at https://caniphish.com. Phishious provides the ability to see how various Secure Email Gateway technologies behave...
goCabrito Super organized and flexible script for sending phishing campaigns. Features Sends to a single email Sends to lists of emails (text) Sends to lists emails with first, last name (csv) Supports attachments Splits...
ThePhish ThePhish is an automated phishing email analysis tool based on TheHive, Cortex, and MISP. It is a web application written in Python 3 and based on Flask that automates the entire analysis process starting from the extraction...
ntlm_theft A tool for generating multiple types of NTLMv2 hash theft files. ntlm_theft is an Open Source Python3 Tool that generates 21 different types of hash theft documents. These can be used for phishing...
EvilURL A Unicode domain phishing generator for IDN Homograph Attack. Changelog v3.0 Improved permutations Full script updated to CLI Check domains from lists Check available domains Check domains connection Logging Download git clone https://github.com/UndeadSec/EvilURL.git...