Frameless BITB A new approach to Browser In The Browser (BITB) without the use of iframes, allows...
Social Engineering
r4ven The tool hosts a fake website that uses an iframe to display a legit website and,...
EvilSlackbot A Slack Attack Framework for conducting Red Team and phishing exercises within Slack workspaces. Background Thousands...
CuddlePhish Weaponized multi-user browser-in-the-middle (BitM) for penetration testers. This attack can be used to bypass multi-factor authentication...
TeamsPhisher TeamsPhisher is a Python3 program that facilitates the delivery of phishing messages and attachments to Microsoft...
Html Smuggling HTML smuggling is a malicious technique used by hackers to hide malware payloads in an...
QRExfiltrate This tool is a command line utility that allows you to convert any binary file into...
SquarePhish SquarePhish is an advanced phishing tool that uses a technique combining the OAuth Device code authentication...
EvilnoVNC EvilnoVNC is a Ready to go Phishing Platform. Unlike other phishing techniques, EvilnoVNC allows 2FA bypassing by...
evilgophish Combination of evilginx2 and GoPhish. Why? As a penetration tester or red teamer, you may have heard of evilginx2 as...
ForceAdmin ForceAdmin is a c# payload builder, creating infinite UAC pop-ups until the user allows the program...
XLL_Phishing Introduction With Microsoft’s recent announcement regarding the blocking of macros in documents originating from the internet (email...
Storm-Breaker Social engineering tool [Access Webcam & Microphone & Location Finder] With Python Features: Get Device Information...
O365-Doppelganger O365-Doppelganger is NOT a replacement for hardcore phishing activities. There are several other tools which perform...
What is Phishious? Phishious is an open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers and developed...