Lockphish – The First Tool For Phishing Attacks On The Lock Screen, Designed To Grab Windows Credentials, Android PIN And iPhone Passcode

Lockphish it’s the first tool (07/04/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link. LockPhish Tutorial: https://www.kalilinux.in/2020/05/lockphish.htmlAuthor: The Linux Choice (Who deleted his GitHub repository)Twitter: https://twitter.com/linux_choice Features: Lockscreen phishing page for Windows, Android and iPhone Auto detect device Port Forwarding by NgrokRead More

uriDeep – Unicode Encoding Attacks With Machine Learning

Unicode encoding attacks with machine learning. Tool based on machine learning to create amazing fake domains using confusables. Some domains can deceive IDN policies (Chrome & Firefox). I created the best (big) dictionary of confusables using neural networks. It is used in the tool and it can be download from: https://github.com/mindcrypt/uriDeep/blob/master/data/deepDiccConfusables.txt _mindcrypt@kali:~/tool/uriDeep# python3 uriDeep.py _Read More

Killchain – A Unified Console To Perform The "Kill Chain" Stages Of Attacks

What is “Kill Chain”? From Wikipedia: The term kill chain was originally used as a military concept related to the structure of an attack; consisting of target identification, force dispatch to target, decision, order to attack the target, and finally the destruction of the target. Reconnaissance – Uses social engineering to find weaknesses in theRead More

Vulnerable-AD – Create A Vulnerable Active Directory That’S Allowing You To Test Most Of Active Directory Attacks In Local Lab

Create a vulnerable active directory that’s allowing you to test most of active directory attacks in local lab.Main Features Randomize Attacks Full Coverage of the mentioned attacks you need run the script in DC with Active Directory installed Some of attacks require client workstation Supported Attacks Abusing ACLs/ACEs Kerberoasting AS-REP Roasting Abuse DnsAdmins Password inRead More

Phirautee – A PoC Crypto Virus To Spread User Awareness About Attacks And Implications Of Ransomwares

A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.Phirautee is a Living off the Land (LotL)Read More

Padding-Oracle-Attacker – CLI Tool And Library To Execute Padding Oracle Attacks Easily

CLI tool and library to execute padding oracle attacks easily, with support for concurrent network requests and an elegant UI.InstallMake sure Node.js is installed, then run $ npm install –global padding-oracle-attacker or $ yarn global add padding-oracle-attacker CLI Usage Usage $ padding-oracle-attacker decrypt <url> hex:<ciphertext_hex> <block_size> <error> [options] $ padding-oracle-attacker decrypt <url> b64:<ciphertext_b64> <block_size> <error>Read More

Lockphish – A Tool For Phishing Attacks On The Lock Screen, Designed To Grab Windows Credentials, Android PIN And iPhone Passcode

Lockphish it’s the first tool (05/13/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link. Features: Lockscreen phishing page for Windows, Android and iPhone Auto detect device Port Forwarding by Ngrok IP Tracker Legal disclaimer:Usage of Lockphish for attacking targets without prior mutualRead More

crauEmu – An uEmu Extension For Developing And Analyzing Payloads For Code-Reuse Attacks

crauEmu is an uEmu extension for developing and analyzing payloads for code-reuse attacks. Slides from ZeroNights 2019 Demo 1 – X32-64, Edge, rop-gadgets from pwnjs Demo 2 – ARM64, checkm8 callback-chain * Mascot designed by @kottsarapkin RopEditor Installation Put the file crauEmu.py in same location as uEmu.py. Use File / Script file… or ALT+F7 in IDARead More

X