Maskphish

Features

Penetration Testing Frameworks - Functions as a comprehensive security toolkit for automating reconnaissance, vulnerability scanning, and exploitation across diverse network environments.

Phishing Attack Tools - Executes phishing campaigns using browser hooking to capture sensitive information.

Social Engineering Phishing - Features a specialized toolkit for cloning websites and deploying deceptive pages to capture user credentials.

Port Scanning - Provides tools to scan for open ports and active hosts to map network topology.

Vulnerability Enumerations - Identifies network vulnerabilities and platform enumerations to map them against compatible exploits.

Subdomain Enumeration - Provides tools for discovering and mapping subdomains to analyze a target's online infrastructure.

Data Exfiltration - Exfiltrates contacts, call logs, and SMS messages from target devices.

OSINT and Reconnaissance - Provides automated tools for gathering intelligence on targets via public records, social profiles, and domain metadata.

Password Cracking - Performs dictionary attacks to recover passwords for archives and PDF files.

SQL Injection - Implements tools to execute malicious SQL codes against websites to access backend database servers.

Web Vulnerability Scanning - Checks servers for outdated software and known security flaws through automated web scanning.

Image Metadata Stripping - Removes embedded EXIF, XMP, and ICC metadata from images to protect privacy and location details.

Network Service Discovery - Identifies open network services like SSH and MySQL through automated discovery and search engines.

Payload Generation - Compiles executable stagers and APKs for multiple operating systems to establish reverse command sessions.

OSINT Automation Frameworks - Automates the gathering of intelligence from public data sources for IP addresses and domains.

Service Version Detectors - Interrogates network ports to identify the specific versions of applications running on a target.

Virtual Host Discovery Tools - Includes utilities for identifying hidden virtual host configurations on web servers via header manipulation.

Malicious Executable Generators - Provides a feature to create platform-specific malicious executables and establish listeners for remote sessions.

Post-Exploitation Agents - Includes a system to track active sessions and interact with remote agents via a shell for security testing.

Image Metadata Extraction - Retrieves technical specifications, timestamps, and GPS coordinates from image files.

Metadata Modification - Enables editing and updating embedded image metadata such as copyright information.

Network Hostname Resolvers - Implements utilities for mapping IP addresses to human-readable hostnames via network table analysis.

DNS Query Poisoners - Implements DNS query poisoning to intercept domain requests and redirect user traffic to controlled servers.

Domain-to-IP Mappings - Implements DNS spoofing to associate target domain names with local IP addresses.

Network Discovery Tools - Provides large-scale scanning and identification of active network hosts and services.

Port Scanners - Identifies open network ports to map the available attack surface of a target.

PC-to-Android Remote Control - Provides a remote connection capability via Android Debug Bridge for system administration.

TCP Port Scanners - Ships a TCP port scanner to probe target domains and identify active services.

Traffic Interception Tools - Includes tools to capture, edit, and replay HTTP requests and headers for network analysis.

Remote OS Fingerprinting - Detects remote operating systems by analyzing network response characteristics to identify vulnerabilities.

Deleted File Recovery - Scans storage media by analyzing data structures to restore deleted files.

DNS Spoofing Tools - Intercepts domain requests to provide false IP addresses and redirect traffic to controlled servers.

Embedded Script Analysis - Inspects JavaScript and shellcode inside PDF files to detect malicious payloads.

Evasive Payload Generators - Includes evasion modules to generate undetectable payloads that bypass endpoint protection and security software.

File Hash Verification - Checks PDF hashes against databases to identify known malware and CVEs.

Credential Extraction Utilities - Employs memory-dumping tools to retrieve NTLM hashes and plaintext passwords from target systems.

Network Credential Capturers - Intercepts usernames and tokens as they pass through a proxy server to capture user credentials.

Deceptive Credential Capture - Creates fake lock screens to capture device PINs and passcodes.

Phishing Capturers - Implements a system to host deceptive web interfaces specifically designed to capture user credentials.

Memory Forensics - Provides a web-based graphical interface for analyzing volatile memory dumps using forensics plugins.

Passive Intelligence Gathering - Includes a tool to collect emails, subdomains, and WHOIS records for target domains.

Payload Compilation - Implements a system for compiling executable payloads for multiple operating systems using various payload types.

Phishing URL Obfuscators - Provides tools to convert deceptive links into URLs that appear to originate from trusted domains.

Post-Exploitation Plugins - Provides specialized plugins for the post-exploitation phase to create persistence backdoors and install keyloggers.

Reconnaissance Workflow Automation - Automates the collection of target intelligence by integrating diverse scanning modules and API keys.

Remote Access Trojans - Provides a payload generator for creating platform-specific executables and APKs to establish remote command sessions.

Remote Command Execution Tools - Ships tools to open remote shells for executing commands and triggering system actions on target hosts.

Remote Access Payloads - Builds custom APK payloads to establish persistent remote access connections to mobile devices.

Remote System Exploitation - Provides capabilities for developing payloads and using remote shells to control target devices.

Remote Device Data Extraction - Extracts GPS logs, microphone recordings, and call history from remote devices.

Reverse Proxy Mirroring - Implements a reverse proxy to mirror live websites in real time.

Administrative Privilege Management - Allows promotion of users to administrators by modifying system registry and SAM files.

CMS Plugin Scanning - Scans for unpatched vulnerabilities within CMS cores, themes, and plugins.

Security Vulnerability Scanning - Provides automated tools to identify security flaws and known CVEs on target websites.

Reverse Shell Payloads - Provides a tool to generate reverse shell payloads and stager files for various platforms to establish remote connections.

Digital Forensics and Analysis - Implements a comprehensive suite for extracting file metadata and recovering deleted data from memory dumps and disk images.

Information Gathering Tools - Offers a framework for collecting target data using various automated information gathering tools.

Test Management Interfaces - Ships a graphical interface to organize target hosts and track security tool outputs in real-time.

Vulnerability Scanners - Includes a scanner for mapping network topology, identifying open ports, and detecting known service vulnerabilities.

Wordlist Generators - Manages external text files to automate credential guessing during brute-force attacks.

Phishing Link Generation - Produces direct or shortened URLs that direct targets to deceptive, fraudulent pages.

Digital Forensics - Provides a toolkit for analyzing memory dumps, extracting file metadata, and recovering deleted data from disk images.

Network Reconnaissance Tools - Provides automated systems to scan hosts and identify active network services and versions.

Subdomain Brute Forcing - Enumerates subdomains by brute-forcing wordlists against open DNS resolvers.

Web Application Penetration Testing - Includes tools for scanning websites for SQL injection, XSS, and other critical security vulnerabilities.

Phishing Page Generators - Provides utilities to create realistic login interfaces for simulating credential harvesting attacks.

SQL Injection Detection Tools - Includes utilities to identify and validate SQL and command injection vulnerabilities.

Website Cloning Tools - Clones existing websites to create deceptive templates for harvesting user credentials.

Android Device Management - Provides a centralized web-based dashboard for privileged administration of Android system resources.

Device Telemetry Retrievals - Retrieves system specifications, network details, and battery state from remote devices.

Remote File Managers - Manages remote files by uploading, downloading, and extracting data from target devices.

Input Simulations - Simulates key-presses and screen clicks to programmatically control a device interface.

Credential Harvesting Pages - Implements cloned website replicas used to capture user credentials through fraudulent forms.

Browser Session Hooking - Executes JavaScript in target browsers to establish persistent connections for remote manipulation and data theft.

Persistent Browser Hooking - Establishes a persistent remote connection by executing JavaScript within a target browser.

Hash Identification Tools - Analyzes string patterns to identify the hashing algorithm used for a given value.

Anonymity and Privacy - Features a platform to access the web while masking the user's physical address and identity.

Browser Forensics - Retrieves passwords, history, and cookies from browser profiles for forensic analysis.

Forensic Disk Imaging - Saves the entire contents of a disk or memory card into a specialized image file for analysis.

Remote File Managers - Provides a file manager to browse and download files from the file system of a connected remote device.

File Inclusion - Provides tools to detect and test for both local and remote file inclusion vulnerabilities.

Web Crawling Reconnaissance - Crawls target websites to discover links, images, and sitemaps for reconnaissance.

Router Vulnerability Probing - Probes target routers to identify security weaknesses and compatible exploit modules.

Router Vulnerability Scanning - Identifies vulnerable routers across the internet to assess global security posture.

OSINT Email Discovery - Provides capabilities for OSINT email discovery by searching the internet and verifying addresses on social media.

Social Media Reconnaissance - Offers tools for social media reconnaissance to locate profiles associated with a specific username.

Certificate Transparency Analysis - Queries certificate transparency logs to identify issued SSL certificates and discover subdomains.

Vulnerability Exploitation Frameworks - Provides a framework to apply predefined exploits against targets identified through network scanning.

Router Exploit Execution - Executes specific exploit modules against target routers to gain unauthorized access.

Product-Specific Exploit Search - Provides utilities to locate specific exploits by matching software products and versions based on target operating systems or hardware.

XSS Vulnerability Scanners - Provides automated tools for discovering and verifying cross-site scripting vulnerabilities in web forms.

Social Media Intelligence Gatherers - Scans multiple social platforms for specific usernames to identify and correlate user profiles.

Document Metadata Extraction - Provides a tool to parse metadata from documents on a target domain to uncover usernames.

Site Crawlers - Ships a crawler to identify all pages and request methods to map the target website's structure.

Data Export - Exports collected reconnaissance data into sorted text files for structured analysis.

Geographic Data - Includes tools to determine physical locations and retrieve public reviews from Google Maps.

Scan Data Importers - Imports external XML scan results into a database for structured querying.

Username-Based Profile Discoverers - Includes a tool to search social media websites for a username and return direct profile links.

Steganographic Data Restoration - Provides a feature to extract original content from cloaked files using specific cipher settings.

External Security Tool Integrations - Automates the execution of external security scanning utilities within the framework's discovery workflows.

Project Workspaces - Creates isolated project environments to organize targeting datasets and scan results.

Module Behavior Configurations - Allows for the configuration of data collection modules and the integration of API keys.

Disk Image Integrity Validation - Calculates cryptographic hashes during the disk imaging process to ensure image validity.

Web-Based Camera Captures - Captures images from a target device camera via browser permission requests.

Anonymous Website Hosting - Provides an automated setup for publishing websites as hidden services over the Tor network.

ARP Cache Poisoning - Implements ARP cache poisoning to redirect local network traffic for man-in-the-middle attacks.

Bulk Email Dispatchers - Ships a bulk email dispatch system used for sending spoofed phishing messages to large groups of recipients.

DNS Record Resolvers - Includes a utility to query A, AAAA, MX, and TXT records and DMARC configurations.

DNS Hijacking - Provides tools to change router DNS settings to redirect network traffic to a specified destination.

Account Service Discovery - Provides a feature to identify active Google services associated with a specific account.

Server Configuration Analysis - Retrieves HTTP headers and SSL certificate details to assess and audit server configuration.

IKE Protocol Analysis - Collects Pre-Shared Keys from IKE responses for offline cryptanalysis.

External Traffic Forwarders - Routes local server traffic to the internet using tunneling services to expose local pages.

Local Network Website Hosting - Ships a system for serving HTML or PHP content to devices on the same wireless network.

Local Resource Exposure - Exposes local pages to the public internet via secure tunnels for remote accessibility.

MAC Address Spoofers - Changes the hardware MAC address of network interfaces to conceal identity during attacks.

Packet Capture Utilities - Records raw network traffic through interfaces to extract sensitive information from packets.

Service Banner Grabbing - Reads banners from remote network ports to identify running services and their versions.

Wireless Network Utilities - Scans for nearby wireless LANs to identify network names and channels.

Dual-Band Network Scanning - Ships a tool to discover nearby wireless networks with support for dual-band signal detection.

Wireless Deauthentication Tools - Provides utilities to disconnect wireless clients from access points using deauthentication frames.

Wireless Protocol Analysis Suites - Provides tools for capturing and analyzing layer 2 Wi-Fi traffic to identify nearby networks.

Protocol Fuzzing - Sends malformed data to network protocols to uncover memory leaks and crashes.

Outbound IP Rotation - Rotates Tor exit nodes to change the system's public IP address and evade blocks.

Multi-Format Target Scanning - Performs scans against multiple target formats, including hostnames, phone numbers, and email addresses.

Wireless Packet Injectors - Allows capturing raw wireless frames in monitor mode to sniff data traffic from the air.

Reverse Proxy Interceptors - Acts as a reverse proxy to mirror live websites in real time for traffic capture and modification.

Deceptive Traffic Rerouting - Redirects users to legitimate websites after a fraudulent interaction to hide the evidence of an attack.

Anonymity Network Routing - Channels network traffic through a Tor proxy chain to anonymize the connection source.

Transparent Network Proxies - Captures and alters network packets in real time to analyze communication or inject code.

Rogue Access Points - Capable of creating rogue wireless access points to deceive devices and intercept traffic.

Hidden Network Discovery - Uses client deauthentication to reveal the SSIDs of hidden wireless networks.

Mobile Linux GUI Setups - Provides tools to install a desktop environment and VNC server for mobile Linux installations.

Non-Root Mobile Linux Deployments - Allows the deployment of a Linux distribution onto a smartphone without requiring root access.

CSRF Vulnerability Assessments - Identifies cross-site request forgery vulnerabilities by executing targeted injection requests.

Session and OAuth Vulnerability Testing - Provides capabilities to test for session hijacking and OAuth injection flaws.

Attack Surface Mapping - Collects URLs and email addresses from websites to map the organization's external attack surface.

Browser Exploitation - Triggers vulnerabilities in web browsers to execute attack modules like phishing pages.

Captive Portal Simulations - Creates rogue authentication portals to intercept network traffic and user credentials.

CMS Identification - Provides a tool to detect the specific Content Management System and version used by a website.

Domain Reconnaissance - Includes a tool to retrieve WHOIS information to identify registered and unregistered sites for domain reconnaissance.

Wireless Network Attacks - Mimics legitimate access points to lure users into providing sensitive credentials.

Exposed Repository Extraction - Extracts source code from exposed version control repositories.

Hidden File Discovery - Provides a tool to locate hidden files by testing common extensions and archive data.

Host Infrastructure Fingerprinting - Provides a utility to gather metadata from SSL certificates and HTTP headers to identify target applications.

Internet-Connected Device Discovery - Provides a system to identify hardware like webcams and databases by indexing HTTP and FTP data.

IP Tracking - Ships a system to identify and record the IP addresses of users interacting with deceptive links.

MAC Address Spoofers - Generates random MAC addresses to conceal identity before executing network attacks.

Forensic Artifact Extraction - Extracts downloads and DOM storage from browser installations as forensic evidence.

Tor Routing - Redirects all network traffic through the Tor network to mask the system's origin IP.

Parallel Brute-Force Engines - Uses parallel processing and custom wordlists to recover passwords and discover hidden directories.

Password Hash Recovery - Implements high-performance utilities that distribute recovery workloads across processor cores to retrieve passwords from cryptographic hashes.

Phone Number OSINT - Provides a tool to search the web for public records associated with a specific telephone number.

Physical Disk Cloning - Copies all data from one physical drive to another to create an exact replica.

Post-Exploitation Frameworks - Executes targeted attacks on compromised systems using browser exploits and DLL injection.

Privilege Escalation Techniques - Provides tools to bypass User Account Control and upgrade sessions to administrative status.

Public Profile Media Scraping - Includes a tool to download public photos and firmware details when account sharing is enabled.

Security Detection Logic - Implements logic to identify complex security flaws like CSRF and MIME mismatches.

WordPress Security Scanning - Identifies security loopholes in WordPress themes and plugins.

TLS Configuration Scanning - Scans network ports to identify flaws and security misconfigurations in SSL/TLS implementations.

Filter Bypasses - Employs specialized payloads and DNS history to circumvent Web Application Firewalls and input filters.

SQL Injection Scanners - Includes automated tools to detect SQL injection vulnerabilities using custom search queries.

Sensitive Data Extraction Tools - Scans disk images and directories to identify and extract emails and credit card numbers.

SQL Injection Tools - Automates database exploitation and scanning by integrating SQLmap functionality.

Steganographic Data Hiding - Implements tools to conceal sensitive files within innocuous text to bypass antivirus detection.

Subdomain Discoveries - Provides tools for enumerating and mapping valid subdomains associated with a target domain.

Infrastructure Reconnaissance - Provides a modular framework to collect sub-domains and IP addresses for target infrastructure intelligence.

URL Obfuscators - Includes tools to modify link structures and obscure destination addresses to deceive targets.

Remote Lock Screen Resets - Allows the removal of lock screen passwords from remote Android devices.

SAM File - Modifies SAM files to clear or change user account passwords on Windows.

Identity Attribute Extraction - Provides a utility to retrieve names and Google IDs by querying specific email addresses.

Username Enumerations - Includes a feature to identify registered usernames and administrative accounts on target sites.

Denial of Service Tools - Includes tools to flood target servers with requests to evaluate system resilience under denial-of-service loads.

Session Hijacking - Captures active session cookies to impersonate authenticated users.

Credential Brute-Forcing - Tests common default usernames and passwords against network hardware like routers and cameras.

Encrypted Archive Cracking - Recovers passwords for encrypted archives using character combinations or dictionary-based attacks.

Target-Specific Wordlist Generation - Extracts text from social feeds to create custom password cracking dictionaries.

Web Directory Brute Forcing - Uses a multi-threaded engine and wordlists to discover hidden directories on web servers.

Wireless Security Auditing - Implements a comprehensive suite for analyzing wireless traffic and testing security via handshake capture and rogue access points.

Handshake Captures - Includes a tool to monitor wireless traffic and capture WPA handshakes for password verification and recovery.

Web Directory Enumeration Tools - Includes utilities for discovering hidden files and directories on web servers through wordlist-based brute-force testing.

Web Technology Detection - Analyzes website signatures to determine the underlying software and programming languages used.

Wireless Encryption Cracking - Recovers plaintext IKE keys from captured hashes using brute-force attacks.

WPA Wi-Fi Cracking Toolkits - Analyzes captured wireless packets and initialization vectors to recover WPA network keys.

Security Reconnaissance Modules - Implements a system for installing specialized security reconnaissance modules to expand intelligence gathering.

Credential Loggers - Saves cracked network passwords into log files for later retrieval and analysis.

Traffic Interception and Modification - Uses a transparent proxy to capture and alter HTTP requests and responses in real time.

Data Leak Monitors - Implements a scanner to identify target email addresses appearing in known public data leaks.

Location Tracking - Includes tools to log GPS coordinates to determine the physical location of a remote device.

Remote Device State Manipulation - Allows for remote locking of target devices and the management of an execution command queue.

Remote Monitoring - Implements a system to track real-time events such as clipboard changes and incoming notifications on remote devices.

Remote Media Exfiltration - Provides capabilities to record audio and video from a target device to monitor activity.

Attack Control Interfaces - Provides a graphical user interface to configure and control phishing campaigns.

Spyware Screen Capturers - Captures images transmitted over the network during active sessions for surveillance purposes.

Web Content Injections - Allows the insertion of HTML or JavaScript into web traffic to modify page behavior.

Remote Browser Controllers - Provides a REST interface to programmatically automate and manipulate remote browser behavior.

Server Vulnerability Probing - Identifies Shell Shock and binary buffer overflows within server software.

Maskphish is a comprehensive security toolkit that integrates capabilities for digital forensics, network vulnerability scanning, open-source intelligence, penetration testing, and social engineering. It functions as a multi-purpose framework for automating reconnaissance and executing security audits across diverse network environments.

The project features a specialized phishing and social engineering toolkit used for cloning websites, masking URLs, and deploying deceptive pages to capture user credentials. It also includes a remote access Trojan builder for generating platform-specific executables and mobile application packages to establish remote command sessions.

The framework covers a broad surface of capabilities, including web application penetration testing, OSINT reconnaissance, memory and disk forensics, and wireless network auditing. It provides tools for payload generation, credential theft, and the automation of information gathering from public data sources.

This project is implemented primarily as a shell-based application.

Features