Wifiphisher alternatives

Looking for an alternative tool to replace Wifiphisher? During the review of Wifiphisher we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. EAPHammer (evil twin attack against WPA2-Enterprise network)
  2. Gophish (phishing toolkit)
  3. King Phisher (Phishing campaign toolkit)

These tools are ranked as the best alternatives to Wifiphisher.

Alternatives (by score)

76

EAPHammer

Introduction

EAPHammer is a toolkit to perform a targeted evil twin attack against WPA2-Enterprise networks. It can be used during security assessments of the wireless network. The focus of EAPHammer is to provide a powerful interface while still being easy to use.

The attacks and features that EAPHammer supports are evil twin and karma attack, SSID cloaking, steal RADIUS credentials (WPA-EAP and WPA2-EAP), and hostile portal attacks to capture Active Directory credentials or perform indirect wireless pivots.

EAPHammer has an extensive set of features and comes with several WiFi related attacks. The GitHub page of the project has good documentation on the types of attacks and the requirements to perform them.

Project details

EAPHammer is written in Python.

Strengths and weaknesses

  • + More than 500 GitHub stars
  • + The source code of this software is available
  • - No releases on GitHub available

Typical usage

  • Credential stealing
  • Network security assessment
  • Network spoofing

EAPHammer review

85

Gophish

Introduction

Phishing tools are a good option to test the security awareness within an organization. By setting up a phishing project, the tester can find out how many people in an organization fall for a predefined trap.

Project details

Gophish is written in Golang.

Strengths and weaknesses

  • + More than 10 contributors
  • + More than 1000 GitHub stars
  • + The source code of this software is available

    Typical usage

    • Security awareness

    Gophish review

    68

    King Phisher

    Introduction

    None

    Project details

    Strengths and weaknesses

    • + The source code of this software is available

      Typical usage

      • Phishing attacks

      King Phisher review

      64

      Trawler

      Introduction

      Trawler can simplify the work that is related to collecting phishing information like reports. It can process the information and use the information for follow-up steps.

      Project details

      Trawler is written in Python.

      Strengths and weaknesses

      • + The source code of this software is available
      • - No releases on GitHub available

      Typical usage

      • Data collection
      • Phishing attacks

      Trawler review

      100

      Social-Engineer Toolkit (SET)

      Introduction

      The Social-Engineer Toolkit (SET) is an open source penetration testing framework. SET is written in Python and helps with assignments that require social engineering. The toolkit has been presented at large-scale conferences like Black Hat and DEF CON and covered in several books. This publicity definitely helped to make it more familiar in the information security community.

      Project details

      Social-Engineer Toolkit is written in Python.

      Strengths and weaknesses

      • + More than 50 contributors
      • + More than 3000 GitHub stars
      • + The source code of this software is available

        Typical usage

        • Social engineering

        Social-Engineer Toolkit review

        67

        Wireshark

        Introduction

        Wireshark is a mature project with many users all over the world. Its library is stable and can be used by both graphical as text-based interfaces. With many books and even conferences around the subject, this tool is a safe bet to have in your toolbox.

        Project details

        Wireshark is written in C.

        Strengths and weaknesses

        • + The source code of this software is available
        • + Well-known tool

          Typical usage

          • Network analysis
          • Network traffic analysis
          • Security assessment
          • Troubleshooting

          Wireshark review

          100

          aircrack-ng

          Introduction

          This toolkit focuses on several aspects:

          • Testing: Test WiFi devices and capabilities of the driver
          • Monitoring: Packet capture and data export
          • Attacking: Perform replay attacks, de-authentication, set up fake access points, and perform packet injection
          • Cracking: Perform attacks on WEP and WPA PSK (WPA 1 and 2)

          Project details

          aircrack-ng is written in C.

          Strengths and weaknesses

          • + Project is mature (10+ years)
          • + The source code of this software is available
          • + Well-known tool

            Typical usage

            • Hardware security
            • Network scanning
            • Security assessment

            aircrack-ng review

            85

            airgeddon

            Introduction

            Tools like Airgeddon can be used to test the security of wireless networks. It is flexible and written in shell script, making it fairly easy to understand what is does and how it works.

            Project details

            airgeddon is written in shell script.

            Strengths and weaknesses

            • + Used language is shell script
            • + The source code of this software is available
            • - Full name of author is unknown

            Typical usage

            • Network analysis

            airgeddon review

            60

            BoopSuite

            Introduction

            BoopSuite a wireless pentesting suite to perform security auditing and test wireless networks. It can be used for penetration tests and security assignments.

            Project details

            BoopSuite is written in Python.

            Strengths and weaknesses

            • + More than 500 GitHub stars
            • + The source code of this software is available
            • - Full name of author is unknown

            BoopSuite review

            60

            trackerjacker

            Introduction

            Trackerjacker is a security tool to map WiFi networks that you are not connected to. It allows mapping and tracking of devices using the 802.11 protocol. It may be useful for intelligence gathering or performing specific WiFi attacks, such as a deauthentication attack. The tool comes with plugin support so that it can interact with other tools. For example, when a particular event occurs it can be picked up by another tool.

            Project details

            trackerjacker is written in Python.

            Strengths and weaknesses

            • + The source code of this software is available
            • - Requires root permissions

            Typical usage

            • Network scanning
            • Network spoofing
            • Network traffic analysis
            • Penetration testing

            trackerjacker review

            64

            WarBerryPi

            Introduction

            WarBerryPi is a toolkit to provide a hardware implant during Physical penetration testing or red teaming. The primary goal of the tool is to obtain as much information as possible, in a short period of time. The secondary goal is to be stealthy to avoid detection. As the name implies, the tool can be used on a small device like a RaspberryPi.

            Another use-case of WarBerryPi is to be an entry point to the network. In that case, a 3G connection is suggested, to avoid the outgoing network filtering (egress rules).

            Project details

            WarBerryPi is written in Python.

            Strengths and weaknesses

            • + More than 2000 GitHub stars
            • + The source code of this software is available
            • - Minimal or no documentation available
            • - No releases on GitHub available

            Typical usage

            • Information gathering
            • Information snooping
            • Penetration testing
            • Red teaming

            WarBerryPi review

            Some relevant tool missing as an alternative to Wifiphisher? Please contact us with your suggestion.