WiFi-Pumpkin - Framework For Rogue Wi-Fi AP Attack

    WiFi-Pumpkin is security tool that provide the Rogue access point to Man-In-The-Middle and network attacks. purporting to provide wireless Internet services, but snooping on the traffic. can be used to capture of credentials of unsuspecting users by either snooping the communication by phishing.



Features
  • Rouge Wi-Fi Access Point
  • Deauth Attack Clients AP
  • Probe Request Monitor
  • DHCP Starvation Attack
  • Crendentials Monitor
  • Windows Update Attack
  • Phishing Manager
  • Partial bypass HSTS
  • Dump credentials phishing
  • Support beef hook
  • Report Logs html
  • Mac Changer
  • ARP Posion
  • DNS Spoof
Screenshot



Plugins

  • net-creds - Sniff passwords and hashes from an interface or pcap file
  • dns2proxy - This tools offer a different features for post-explotation once you change the DNS server to a Victim.
  • sslstrip2 - Sslstrip is a MITM tool that implements Moxie Marlinspike's SSL stripping attacks based version fork @LeonardoNve/@xtr4nge.
  • sergio-proxy - Sergio Proxy (a Super Effective Recorder of Gathered Inputs and Outputs) is an HTTP proxy that was written in Python for the Twisted framework.
Transparent Proxy

 Transparent proxies that you can use to intercept and manipulate HTTP/HTTPS traffic modifying requests and responses, that allow to inject javascripts into the targets visited. You can easily implement a module to inject data into pages creating a python file in directory "Proxy" automatically will be listed on PumpProxy tab.




Posted by
Labels: