Wifiphisher alternatives

EAPHammer is a toolkit to perform a targeted evil twin attack against WPA2-Enterprise networks. It can be used during security assessments of the wireless network. The focus of EAPHammer is to provide a powerful interface while still being easy to use.

The attacks and features that EAPHammer supports are evil twin and karma attack, SSID cloaking, steal RADIUS credentials (WPA-EAP and WPA2-EAP), and hostile portal attacks to capture Active Directory credentials or perform indirect wireless pivots.

EAPHammer has an extensive set of features and comes with several WiFi related attacks. The GitHub page of the project has good documentation on the types of attacks and the requirements to perform them.

Phishing tools are a good option to test the security awareness within an organization. By setting up a phishing project, the tester can find out how many people in an organization fall for a predefined trap.

Trawler can simplify the work that is related to collecting phishing information like reports. It can process the information and use the information for follow-up steps.

The Social-Engineer Toolkit (SET) is an open source penetration testing framework. SET is written in Python and helps with assignments that require social engineering. The toolkit has been presented at large-scale conferences like Black Hat and DEF CON and covered in several books. This publicity definitely helped to make it more familiar in the information security community.

Wireshark is a mature project with many users all over the world. Its library is stable and can be used by both graphical as text-based interfaces. With many books and even conferences around the subject, this tool is a safe bet to have in your toolbox.

This toolkit focuses on several aspects:

• Testing: Test WiFi devices and capabilities of the driver
• Monitoring: Packet capture and data export
• Attacking: Perform replay attacks, de-authentication, set up fake access points, and perform packet injection
• Cracking: Perform attacks on WEP and WPA PSK (WPA 1 and 2)

Tools like Airgeddon can be used to test the security of wireless networks. It is flexible and written in shell script, making it fairly easy to understand what is does and how it works.

Trackerjacker is a security tool to map WiFi networks that you are not connected to. It allows mapping and tracking of devices using the 802.11 protocol. It may be useful for intelligence gathering or performing specific WiFi attacks, such as a deauthentication attack. The tool comes with plugin support so that it can interact with other tools. For example, when a particular event occurs it can be picked up by another tool.

WarBerryPi is a toolkit to provide a hardware implant during Physical penetration testing or red teaming. The primary goal of the tool is to obtain as much information as possible, in a short period of time. The secondary goal is to be stealthy to avoid detection. As the name implies, the tool can be used on a small device like a RaspberryPi.

Another use-case of WarBerryPi is to be an entry point to the network. In that case, a 3G connection is suggested, to avoid the outgoing network filtering (egress rules).