Man-in-the-middle phishing attack using an Android app to grab session cookies for any website, which in turn allows to bypass 2-factor authentication...
Tag - Attack
AutoRDPwn is a post-exploitation framework created in Powershell, designed primarily to automate the Shadow attack on Microsoft Windows computers. This...
Self-XSS attack using bit.ly to grab cookies tricking users into running malicious code How it works? Self-XSS is a social engineering attack used to gain...
wifipumpkin3 is powerful framework for rogue access point attack, written in Python, that allow and offer to security researchers, red teamers and reverse...
Elemental is a centralized threat library of MITRE ATT&CK techniques, Atomic Red Team tests, and over 280 Sigma rules. It provides an alternative way to...
About Thoron Framework Thoron Framework is a Linux post-exploitation framework that exploit Linux tcp vulnerability to get shell-like connection. Thoron...
This tool launches attack on k8s cluster from within. That means you already need to have an access with permission to deploy pods in a cluster to run it...
SKA allows you to implement a very simple and fast karma attack. You can sniff probe requests to choice the fake AP name or, if you want, you could insert...
Background A while back I was challenged to write a discovery tool with Python3 that could automate the process of finding sensitive information on network...
w3brute is an open source penetration testing tool that automates attacks directly to the website’s login page. w3brute is also supported for carrying...