CredSniper

Phishing tool

A phishing framework that captures 2FA tokens and provides secure access to credentials

CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.

GitHub

1k stars
77 watching
295 forks
Language: HTML
last commit: over 4 years ago

Related projects:

Repository Description Stars
ryhanson/phishery Phishery is an HTTP server designed to harvest Basic Auth credentials and inject URLs into Word documents. 980
octoberfest7/teamsphisher A tool designed to send phishing messages and attachments to Microsoft Teams users 1,039
curtbraz/phishapi A tool for creating and deploying fake web pages to steal credentials 372
fkasler/phishmonger A tool for crafting and testing phishing emails with granular control over SMTP and mail headers. 160
timwhitez/doge-xss-phishing A tool designed to automate cross-site scripting (XSS) phishing attacks using PHP and JavaScript. 269
danmcinerney/net-creds Tool to detect sensitive data in network traffic 1,713
sebastian-mora/awsssome_phish A tool for simulating phishing attacks on AWS SSO using a serverless architecture and automated deployment. 31
m1nl/pompa A fully featured spear-phishing toolkit web frontend. 50
tokyoneon/credphish A PowerShell script designed to collect user passwords and exfiltrate them via DNS 287
onmyway133/arcane A Swift framework providing common cryptographic functions and tools 283
gemgeorge/sniperphish A web-based phishing toolkit designed to simulate real-world attacks for security testing and awareness training. 561
alteredsecurity/365-stealer A phishing simulation tool that automates illicit consent grant attacks on Azure AD using Python3 and PHP. 458
0xinfection/xsrfprobe A toolkit designed to test and exploit Cross-Site Request Forgery vulnerabilities in websites. 1,116
optiv/microsoft365_devicephish A tool designed to demonstrate a vulnerability in Microsoft's OAuth Authorization Flow for phishing attacks 94
hadojae/data Automates phishing analysis by visiting URLs, taking screenshots and scraping archives. 96