Recon
Homograph / punycode
- anilyuk/punydomaincheck - Puny Domain Name Check
- UndeadSec/EvilURL - Generate unicode evil domains for IDN Homograph Attack and detect them
- DavidJacobson/SafeText - Script to remove homoglyphs and zero-width characters to allow for safe distribution of documents from anonymous sources
Social engineering
- zizaltuntas/Camelishing - Social Engineering Tool
- trustedsec/social-engineer-toolkit - The Social-Engineer Toolkit (SET) repository from TrustedSec
- SpiderLabs/social_mapper - A Social Media Enumeration & Correlation Tool by Jacob Wilkin (Greenwolf) - uses profile photos to automatically determine whether accounts on different platforms (fb/lnkd, etc.) belong to the same person
- pownjs/pown-whoarethey - Quickly identify social networking accounts and more
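- sshell/reddit-analyzer - find out when and where someone is posting to reddit - no longer updated since 2019, but the API still worked when tested in 2022.08
- Recovering a lost phone number using the hacker mindset - import a list of phone numbers into Google Contacts; after logging in to Viber, any target number that has registered is recognized automatically, along with its avatar and other information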
Phishing
- r00tSe7en/Flash-Pop - optimized version of a Flash phishing pop-up
- Ignitetch/AdvPhishing - This is Advance Phishing Tool! OTP PHISHING
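- xiecat/goblin - a phishing simulation system suited to red/blue team exercises
- drk1wi/Modlishka - Reverse Proxy, 3.5K stars, a reverse proxy implemented in Go
- sumerzhang/PhishingInstall - automated deployment of a mail-sending platform, postfix/dovecot/dkim/certbot/..
- KrauseFx/steal.password - Easily get the user's Apple ID password, just by asking - an in-app pop-up on iOS, very hard to guard against
- security.berkeley.edu: Phishing Examples Archive - continuously updated
- CaledoniaProject/Phishing-Samples - phishing samples, screenshots only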
- rf-peixoto/phishing_pot - A collection of phishing samples for researchers and detection developers
- kgretzky/evilginx2 - Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing to bypass 2-factor authentication
- UndeadSec/SocialFish - Ultimate phishing tool with Ngrok integrated
- omergunal/PoT - Phishing on Twitter
- dutchcoders/ares - Phishing toolkit for red teams and pentesters
- ryhanson/phishery - An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector
- threatexpress/domainhunter - Checks expired domains, bluecoat categorization, and Archive.org history to determine good candidates for phishing and C2 domain names
- Mr-Un1k0d3r/CatMyFish - Search for categorized domain that can be used during red teaming engagement
- jofpin/trape - People tracker on the Internet: Learn to track the world, to avoid being traced
- L4bF0x/PhishingPretexts - A library of pretexts to use on offensive phishing engagements
- pentestgeek/phishing-frenzy - Ruby on Rails Phishing Framework
- BishopFox/spoofcheck - Simple script that checks a domain for email protections
- nccgroup/typofinder - A finder of domain typos showing country of IP address
- thelinuxchoice/blackeye - The most complete Phishing Tool, with 32 templates +1 customizable
- gophish - open-source phishing toolkit designed for businesses and penetration testers - note: remove the X-Mailer signature
- securestate/king-phisher - Phishing Campaign Toolkit
- Raikia/FiercePhish - a full-fledged phishing framework to manage all phishing engagements
- bhdresh/SocialEngineeringPayloads - a collection of social engineering tricks and payloads being used for credential theft and spear phishing attacks
- ustayready/CredSniper - a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens
- freeCodeCamp/mail-for-good - An open source email campaign management tool for nonprofits
- openworldoperations/FISHY - creates a fake URL bar and SSL certificate indicator; a fairly novel approach
- htr-tech/nexphisher - Advanced Phishing tool for Linux & Termux
- t4d/StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations
- tatanus/SPF - SpeedPhishing Framework
Desktop phishing
- enigma0x3/Invoke-LoginPrompt - Invokes a Windows Security Login Prompt and outputs the clear text password
- fox-it/Invoke-CredentialPhisher
- bitsadmin/fakelogonscreen - Fake Windows logon screen to steal passwords - 1.3K stars
- Pickfordmatt/SharpLocker - Gets current user credentials by popping a fake Windows lock screen; all output is sent to Console, which works perfectly for Cobalt Strike
- Dviros/CredsLeaker - allows an attacker to craft a highly convincing credentials prompt using Windows Security, validate it against the DC and in turn leak it via an HTTP request.
Phishing detection
- wesleyraptor/streamingphish - Python-based utility that uses supervised machine learning to detect phishing domains from the Certificate Transparency log network
- OpenPhish - Phishing Intelligence
- x0rz/phishing_catcher - Phishing catcher using Certstream
- utkusen/jeopardize - a low (zero) cost threat intelligence & response tool against phishing domains
- jimywork/certstreamcatcher - detecting phishing sites in real time using certstream and can also detect punycode (IDNA) attacks
- LogRhythm-Labs/PIE - An Active Defense PowerShell Framework for Phishing Defense with Office 365
- trailofbits/deceptiveidn - Use computer vision to determine if an IDN can be interpreted as something it's not
- elceef/dnstwist - Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
OAuth
- fireeye/PwnAuth - A web application framework for launching and managing OAuth abuse campaigns
- dxa4481/XSSOauthPersistence - Maintaining account persistence via XSS and Oauth
Uncategorized