This attack tool is a proof of concept (PoC) designed to demonstrate the risks associated with connecting to "Free Wi-Fi" access points. This tool simulates a malicious access point to lure victims, and then allows you to perform various attacks such as Man-In-The-Middle (MITM), phishing, vulnerability scanning, and packet manipulation.
Features
Fake Access Point Creation:
Create a malicious access point (Fake AP) using hostapd, dnsmasq, and NAT. This helps demonstrate how easily victims can be lured into connecting to a rogue network.
MITM Attacks:
Bettercap for ARP spoofing.
Ettercap for DNS spoofing (with GUI and caplets).
Mitmproxy for Proxy MITM.
Phishing Portal:
Deploy phishing scenarios using Wifiphisher to capture credentials and sensitive information.
Traffic Sniffing, Injection, and Packet Manipulation:
Capture, analyze, inject, and manipulate network packets using tools like tcpdump and Scapy.
Vulnerability Scanning:
Scan connected devices for vulnerabilities using Nmap with a customizable set of NSE (Nmap Scripting Engine) script categories and arguments.
Client Monitoring:
Monitor in real-time the devices connected to your Fake AP.
Real-Time Notifications:
Receive notifications about connected clients via a Telegram bot.
Reporting:
Generate and analyze reports in CSV format detailing the outcomes of attacks and scans.
Network Configuration Restoration:
Quickly restore the network configuration to its original state after testing.
Future Internationalization:
Planned support for multiple languages to accommodate researchers worldwide.
OS: Unix/Linux
Download:
Features
Fake Access Point Creation:
Create a malicious access point (Fake AP) using hostapd, dnsmasq, and NAT. This helps demonstrate how easily victims can be lured into connecting to a rogue network.
MITM Attacks:
Bettercap for ARP spoofing.
Ettercap for DNS spoofing (with GUI and caplets).
Mitmproxy for Proxy MITM.
Phishing Portal:
Deploy phishing scenarios using Wifiphisher to capture credentials and sensitive information.
Traffic Sniffing, Injection, and Packet Manipulation:
Capture, analyze, inject, and manipulate network packets using tools like tcpdump and Scapy.
Vulnerability Scanning:
Scan connected devices for vulnerabilities using Nmap with a customizable set of NSE (Nmap Scripting Engine) script categories and arguments.
Client Monitoring:
Monitor in real-time the devices connected to your Fake AP.
Real-Time Notifications:
Receive notifications about connected clients via a Telegram bot.
Reporting:
Generate and analyze reports in CSV format detailing the outcomes of attacks and scans.
Network Configuration Restoration:
Quickly restore the network configuration to its original state after testing.
Future Internationalization:
Planned support for multiple languages to accommodate researchers worldwide.
OS: Unix/Linux
Download: