Gophish (phishing toolkit)
Phishing tools are a good option to test the security awareness within an organization. By setting up a phishing project, the tester can find out how many people in an organization fall for a predefined trap.
Trawler (data collection framework for phishing results)
data collection, phishing attacks
Trawler can simplify the work that is related to collecting phishing information like reports. It can process the information and use the information for follow-up steps.
Wifiphisher (phishing attack tool for WiFi)
phishing attacks, WiFi security analysis
Wifiphisher would have a good usage in security assessments to obtain credentials. In that regard it is considered to be an offensive tool, especially considering it could be used to infect the systems of victims with malware. Wifiphisher is not a brute forcing tool, but more focused to perform a social engineering attack.
Missing a favorite tool in this list? Share a tool suggestion and we will review it.