Ahaz1701 / EvilWorkerLinks
A new AiTM attack framework — based on leveraging service workers — designed to conduct credential phishing campaigns. Thanks to its minimalist, robust, and highly adaptable architecture, this solution can be easily deployed on PaaS.
☆125Updated 2 months ago
Alternatives and similar repositories for EvilWorker
Users that are interested in EvilWorker are comparing it to the libraries listed below
Sorting:
- ☆92Updated 9 months ago
- Snaffler reimplementation in Python - https://github.com/SnaffCon/Snaffler☆112Updated 3 months ago
- Living off the land searches for explorer and sharepoint☆90Updated 6 months ago
- Deploy a phishing infrastructure on the fly.☆76Updated 10 months ago
- A Python based tool to convert custom queries from Legacy BloodHound to BloodHound CE format, with the option to directly upload them to …☆31Updated 3 weeks ago
- OAuth Device Code Phishing Toolkit☆91Updated last month
- Tool to extract username and password of current user from PanGPA in plaintext☆88Updated 10 months ago
- ☆148Updated 5 months ago
- This is my starred repositories including the description for each tool. Makes search/filter over them easier.☆54Updated 8 months ago
- A Python POC for CRED1 over SOCKS5☆158Updated last year
- ☆71Updated 7 months ago
- A Kerberos AP-REQ hijacking tool with DNS unsecure updates abuse.☆130Updated 9 months ago
- Fully automated windows credentials dumper, for SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine with…☆78Updated 11 months ago
- Adversary Emulation Framework☆125Updated 3 months ago
- Wonka is a sweet Windows tool that extracts Kerberos tickets from the Local Security Authority (LSA) cache. Like finding a ticket, but fo…☆61Updated last week
- This is a novel technique that leverages the well-known Device Code phishing approach. It dynamically initiates the flow when the victim …☆173Updated last month
- A tool for carrying out brute force attacks against Office 365, with built in IP rotation use AWS gateways.☆80Updated last year
- Permanently disable EDRs as local admin☆118Updated 3 weeks ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆147Updated last week
- pysnaffler☆104Updated 2 months ago
- ☆160Updated last year
- A malicious OAuth application that can be leveraged for both internal and external phishing attacks targeting Microsoft Azure and Office3…☆149Updated 2 months ago
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆117Updated last year
- Your Skyfall Infrastructure Pack☆83Updated this week
- A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims …☆90Updated last year
- ☆114Updated 4 months ago
- Python alternative to Mimikatz lsadump::dcshadow☆155Updated 4 months ago
- tool for requesting Entra ID's P2P certificate and authenticating to a remote Entra joinned devices with it☆124Updated 2 months ago
- Generate and Manage KeyCredentialLinks☆174Updated 2 weeks ago
- Utilities for obfuscating shellcode☆94Updated last month