WiFi-Pumpkin is a robust system for WiFi security auditing. The main feature is the ability to create a fake AP and to attack Man In The Middle, but the list of features is extensive.
WiFi pumpkin installation
git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git
- Rogue WiFi Access Point.
- Windows Update Attack.
- Patch Binaries via MITM.
- ARP PoisonDNS Spoof.
- DHCP Starvation Attack.
- Death Attack Clients AP.
- Probe Request Monitor.
- Credentials Monitor.
- Transparent Proxy.
- Phishing Manager.
- LLMNR, NBT-NS, and MDNS poisoner (Responder).
- Pumpkin-Proxy (ProxyServer (MITM proxy API)).
- Capture images on the fly.
- Partial Bypass HSTS protocol.
- Support beef hook.
- Karma Attacks (support hostapd-mana).
- TCP-Proxy (with scapy)
|Dns2proxy||This tool provides different post-exploitation features once you change the DNS server to a victim.|
|Sstrip2||SSLstrip is a MITM tool that implements fork @LeonardoNve/@xtr4nge for Moxie Marlinspike SSL stripping attacks.|
|Sergio_proxy||Sergio Proxy (super-efficient recorder of gathered inputs and outputs) is an HTTP proxy written for the twisted framework in Python.|
|BDFProxy||Patch binaries from MITM: BackdoorFactory + MITM proxy, bdfproxy-ng is a fork and summary of the original @secretskirrel BDFProxy.|
|Responder||Poisoner LLMNR, NBT-NS and MDNS. Posted by: Laurent Gaffie|
A proxy between you and a TCP stream. It filters the request and answer streams and actively modifies a TCP protocol packet intercepted by WiFi-Pumpkin (scapy module). This plugin uses modules to view or edit intercepted data that are automatically listed on the TCP-Proxy tab when you quickly implement a module, add your customized module on “Plugins / Analyzers/.”