1 repository
Fake servers for multiple protocols that capture authentication credentials during challenge-response handshakes.
Distinct from Protocol Server Hosting: Distinct from Protocol Server Hosting: focuses on malicious credential-capturing servers rather than legitimate managed hosting.
Explore 1 awesome GitHub repository matching devops & infrastructure · Rogue Protocol Servers. Refine with filters or upvote what's useful.
Responder is a network penetration testing tool that intercepts and spoofs link-local name resolution queries, including LLMNR, NBT-NS, and mDNS, to redirect traffic to an attacker-controlled host. It hosts rogue protocol servers for over 15 protocols, capturing authentication credentials during challenge-response handshakes, and stores captured hashes and cleartext credentials in a SQLite database for structured offline analysis. The tool distinguishes itself through its ability to relay captured NTLM authentication challenges to target services for lateral movement without cracking the hash
Runs fake servers for 15+ protocols that capture authentication credentials during challenge-response handshakes.