SquarePhish is an advanced phishing tool that uses a technique combining the OAuth Device code authentication flow and QR codes. See PhishInSuits for more details on using OAuth Device Code flow for phishing attacks. _____ _____ _ _ _ / ____| | __ | | (_) | | | (___ __ _ _ _ __Read More
EvilnoVNC is a Ready to go Phishing Platform. Unlike other phishing techniques, EvilnoVNC allows 2FA bypassing by using a real browser over a noVNC connection. In addition, this tool allows us to see in real time all of the victim’s actions, access to their downloaded files and the entire browser profile, including cookies, saved passwords,Read More
With Microsoft’s recent announcement regarding the blocking of macros in documents originating from the internet (email AND web download), attackers have began aggressively exploring other options to achieve user driven access (UDA). There are several considerations to be weighed and balanced when looking for a viable phishing for access method: Complexity – The more stepsRead More
The program is made for educational purposes only for to see how the phishing method works. Any unnecessary use of the program is prohibited and the manufacturer has no responsibility for any illegal use by anyone. Use the tool at your own risk and avoid any sloppy actions. Installation Instructions Installation on Gnu / LinuxRead More
What is openSquat openSquat is an opensource Intelligence (OSINT) security tool to identify cyber squatting threats to specific companies or domains, such as: Phishing campaigns Domain squatting Typo squatting Bitsquatting IDN homograph attacks Doppenganger domains Other brand/domain related scams It does support some key features such as: Automatic newly registered domain updating (once a day)Read More
Super organized and flexible script for sending phishing campaigns. Features Sends to a single email Sends to lists of emails (text) Sends to lists emails with first, last name (csv) Supports attachments Splits emails in groups Delays sending emails between each group Support Tags to be placed and replaced in the message’s body Add {{name}}Read More
Spam Scanner is the best anti-spam, email filtering, and phishing prevention service. Spam Scanner is a drop-in replacement and the best alternative to SpamAssassin, rspamd, SpamTitan, and more. Foreword Spam Scanner is a tool and service built by @niftylettuce after hitting countless roadblocks with existing spam-detection solutions. In other words, it’s our current plan forRead More
Kit Hunter: A basic phishing kit detection tool Version 2.6.0 28 September 2021 Testing and development took place on Python 3.7.3 (Linux) What is Kit Hunter? Kit Hunter is a personal project to learn Python, and a basic scanning tool that will search directories and locate phishing kits based on established markers. As detection happens,Read More
SniperPhish is a phishing toolkit for pentester or security professionals to enhance user awareness by simulating real-world phishing attacks. SniperPhish helps to combine both phishing emails and phishing websites you created to centrally track user actions. The tool is designed in a view of performing professional phishing exercise and would be reminded to take priorRead More
MaskPhish is a simple script to hide phishing URL under a normal looking URL(google.com or facebook.com). Legal Disclaimer: Usage of MaskPhish for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuseRead More
