GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → redlure → redlure-console

redlure / redlure-console

Licence: BSD-3-Clause license
Distributed phishing framework designed to streamline offensive security phishing

Programming Languages

python
139335 projects - #7 most used programming language

Labels

phishing-attacksphishphishing-kitphishing-detection

Projects that are alternatives of or similar to redlure-console

TweetFeed
Collecting IOCs posted on Twitter
Stars: ✭ 181 (+654.17%)
Mutual labels:  phishing-attacks, phishing-detection
Malicious-Urlv5
A multi-layered and multi-tiered Machine Learning security solution, it supports always on detection system, Django REST framework used, equipped with a web-browser extension that uses a REST API call.
Stars: ✭ 35 (+45.83%)
Mutual labels:  phishing-attacks, phishing-detection
PhishingKit-Yara-Search
Yara scan Phishing Kit's Zip archive(s)
Stars: ✭ 24 (+0%)
Mutual labels:  phishing-kit, phishing-detection
pentesting-framework
Pentesting Framework is a bundle of penetration testing tools, Includes - security, pentesting, hacking and many more.
Stars: ✭ 90 (+275%)
Mutual labels:  phishing-attacks, phishing-kit
shark
Best Tool For Phishing, Future Of Phishing
Stars: ✭ 238 (+891.67%)
Mutual labels:  phishing-attacks, phishing-kit
PhishingKit-Yara-Rules
Repository of Yara rules dedicated to Phishing Kits Zip files
Stars: ✭ 71 (+195.83%)
Mutual labels:  phishing-kit, phishing-detection
URL-obfuscator
Python Program to obfuscate URLs to make Phishing attacks more difficult to detect. Uses Active open redirect list and other URL obfuscation techniques.
Stars: ✭ 101 (+320.83%)
Mutual labels:  phishing-attacks, phishing-kit
Elliot
A pentesting tool inspired by mr robot and derived by zphisher
Stars: ✭ 23 (-4.17%)
Mutual labels:  phishing-attacks
MurMurHash
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (+229.17%)
Mutual labels:  phishing-detection
lockphish
Lockphish is a tool for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode[No longer works on latest devices]
Stars: ✭ 192 (+700%)
Mutual labels:  phishing-attacks
ThePhish
ThePhish: an automated phishing email analysis tool
Stars: ✭ 676 (+2716.67%)
Mutual labels:  phishing-detection
Hiddeneye Legacy
Modern Phishing Tool With Advanced Functionality And Multiple Tunnelling Services [ Android-Support-Available ]
Stars: ✭ 2,568 (+10600%)
Mutual labels:  phishing-kit
emptyphish
Phishing Tool for Instagram, Facebook, Twitter, Snapchat, Github, Yahoo, Protonmail, Google, Spotify, Netflix, Linkedin, Wordpress, Origin, Steam, Microsoft, InstaFollowers, Pinterest +1 customizable
Stars: ✭ 75 (+212.5%)
Mutual labels:  phishing-attacks
Ravana
Phishing tool for termux .This includes many websites like facebook,Instagram,Twitter,google etc..
Stars: ✭ 68 (+183.33%)
Mutual labels:  phishing-attacks
Phishing-Email-Analysis
Useful resources about phishing email analysis
Stars: ✭ 46 (+91.67%)
Mutual labels:  phishing-detection
Skeleton
Skeleton is a Social Engineering tool attack switcher
Stars: ✭ 44 (+83.33%)
Mutual labels:  phishing-attacks
Blackeye-for-Windows
This is a Phishing tool. Phishing is a type of hacking also called credential harvesting. It creates fake websites for victims to login which saves their login info which includes IP, User-Agent, Username and Password to a file in the computer running Blackeye. This tool has been there for Linux and even Android via Termux. I converted it to Win…
Stars: ✭ 38 (+58.33%)
Mutual labels:  phish
phishEye
phishEye is an ultimate phishing tool in python. Includes popular websites like Facebook, Twitter, Instagram, LinkedIn, GitHub, Dropbox, and many others. Created with Flask, custom templates, and tunneled with ngrok and localhost.run.
Stars: ✭ 47 (+95.83%)
Mutual labels:  phishing-attacks
EthereumFoos
A Curated List Of Costly Ethereum Mistakes To Learn From (WIP)
Stars: ✭ 24 (+0%)
Mutual labels:  phishing-attacks
nlc-email-phishing
Detect email phishing with Watson Natural Language Classifier
Stars: ✭ 26 (+8.33%)
Mutual labels:  phishing-detection
View All Similar Projects ➔

The redlure Distributed Phishing Framework

redlure is a phishing framework designed to advance pentest and red team phishing. It could also be utilized by blue teams looking to train employees through running realistic phishing scenarios.

redlure's distributed architecture allows for multiple campaigns to be run on different ports and/or servers, while results are aggregated in a single interface. This allows you to generate phishing templates, target lists, start/stop campaigns, change domains, change ports and generate Let's Encrypt certs on multiple workers all from one interface.

redlure was released as a part of DEFCON 28 Demo Labs. (Associated presentation/demo)

redlure-console

This is the main redlure repository. Use the GitBook documentation on docs.redlure.io to get started with the redlure-console or visit Installation for install instructions.

Sponsors

Core features

  • Manage phishing campaigns running in parallel across multiple servers, ports and domains
  • Chain webpage templates together for multi-step phishing (e.g. Office365, Gmail)
  • Workspaces to manage results and templates for each engagement
  • Partial database encryption (sensitive database columns only)
  • Generate Let's Encrypt certs remotely (other certificates can be manually specified)
  • Manage payload delivery via automatic downloads or links and buttons
  • Role-based authentication

redlure Ecosystem

redlure is comprised of three components:

  1. redlure-console - Centralized API the operator interacts with. Stores templates and tracks campaigns/results. Manages your redlure-workers. Written in Python using Flask.
  2. redlure-worker - Skeletal API that manages the webserver for phishing campaigns. Multiple of these can and should be managed from a single console. Written in Python using Flask.
  3. redlure-client - Web interface for interacting with the console API. Written with the Angular 10 framework (Typescript and HTML)

Basic setup:

Project State

redlure is in an BETA state. It has been engagement-usable for my teams since early 2020. However, there are 100% still bugs that you may discover while using it. Please submit an issue or a pull request if you identify one.

Disclaimer

This tool is designed for use during offensive security engagements, with explicit approval from client; usage of this tool without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse of this program.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].