FS-NyarL
A network takeover & forensic analysis tool - useful to advanced PenTest tasks & for fun and profit - but use it at your own risk!
Features:
Interactive Console
Real Time Passwords Found
Real Time Hosts Enumeration
Tuned Injections & Client Side Attacks
ARP Poisoning & SSL Hijacking
Automated HTTP Report Generator
ATTACKS IMPLEMENTED:
MITM (Arp Poisoning)
Sniffing (With & Without Arp Poisoning)
SSL Hijacking (Full SSL/TLS Control)
HTTP Session Hijaking (Take & Use Session Cookies)
Client Browser Takeover (with Filter Injection in data stream)
Browser AutoPwn (with Filter Injection in data steam)
Evil Java Applet (with Filter Injection in data stream)
DNS Spoofing
Port Scanning
POST ATTACKS DATA OBTAINED:
Passwords extracted from data stream
Pcap file with whole data stream for deep analysis
Session flows extracted from data stream (Xplico & Chaosreader)
Files extracted from data stream
Hosts enumeration (IP,MAC,OS)
URLs extracted from data stream
Cookies extracted from data stream
Images extracted from data stream
List of HTTP files downloaded extracted from URLs
DEPENDENCIES (aka USED TOOLS):
Chaosreader (already in bin folder)
Xplico
Ettercap
Arpspoof
Arp-scan
Mitmproxy
Nmap
Tcpdump
Beef
SET
Metasploit
Dsniff
Macchanger
Hamster
Ferret
P0f
Foremost
SSLStrip
SSLSplit