Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

HTML

C

Kotlin

Swift

Perl

Ruby

Rust

Java

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

Java

Ruby

Dart

C

Julia

R

Go

PowerShell

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇸🇰 Slovakia

🇮🇷 Iran

🇵🇪 Peru

🇲🇹 Malta

🇳🇪 Niger

🇮🇱 Israel

🇲🇽 Mexico

🇬🇭 Ghana

All Countries Compare Countries

Viralmaniar/Wifi-Dumper

Stars
270
Rank 147,290 (Top 3 %)
Language
Python
Created over 7 years ago
Updated over 6 years ago

Viralmaniar/Wifi-Dumper

Viralmaniar

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

This is an open source tool to dump the wifi profiles and cleartext passwords of the connected access points on the Windows machine. This tool will help you in a Wifi penetration testing. Furthermore, it is useful while performing red team or an internal infrastructure engagements.

Wifi-Dumper

This is an open source tool to dump the wifi profiles and cleartext passwords of the connected access points on the Windows machine. This tool will help you in a Wifi testing. Furthermore, it is useful while performing red team or an internal infrastructure engagements.

Features

Option 1:Shows the wireless networks available to the system. If interface name is given, only the networks on the given interface will be listed. Otherwise, all networks visible to the system will be listed.

Option 2: Shows a list of wireless profiles configured on the system.

Option 3: Shows the allowed and blocked wireless network list.

Option 4: Shows a list of all the wireless LAN interfaces on the system.

Option 5: Generates a detailed report about each wireless access point profile on the system. Group Policy Profiles are read only. User Profiles are readable and writeable, and the preference order can be changed.

Option 6: Dumps the cleartext passwords of every wireless profiles on the system. Make sure to generate the profile file (by selecting option 2) before running this option. Always run this as an administrator user to see the cleartext password. User needs to provide individual wireless name by reading the profile names(option 7).

Option 7: It opens the list of wireless profiles on the system using notepad.

Option 8: It saves WLAN profiles to XML files.

Option 9: Exit gracefully.

General Notes

[+] Each option in the tool generates the ".txt" file as an output.
[+] If you run the tool multiple times, the output gets appended to the previous results.

How to run the application?

[+] Run cmd.exe as an administrator.
[+] Change Directory
[+] Run the application as C:\>python wifi_dumper.py

Questions?

Twitter: https://twitter.com/maniarviral
LinkedIn: https://au.linkedin.com/in/viralmaniar

Passhunt

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

BigBountyRecon

BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.

Powershell-RAT

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

I-See-You

ISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.

SMWYG-Show-Me-What-You-Got

This tool allows you to perform OSINT and reconnaissance on an organisation or an individual. It allows one to search 1.4 Billion clear text credentials which was dumped as part of BreachCompilation leak. This database makes finding passwords faster and easier than ever before.

Remote-Desktop-Caching-

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

XposedOrNot

XposedOrNot (XoN) tool is to search an aggregated repository of xposed passwords comprising of ~850 million real time passwords. Usage of such compromised passwords is detrimental to individual account security.

PeekABoo

PeekABoo tool can be used during internal penetration testing when a user needs to enable Remote Desktop on the targeted machine. It uses PowerShell remoting to perform this task. Note: Remote desktop is disabled by default on all Windows operating systems.

Phirautee

A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.

HiveJack

This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump SYSTEM, SECURITY and SAM hives and once copied to the attacker machines provides option to delete these files to clear the trace.

MurMurHash

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

In-Spectre-Meltdown

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

DDWPasteRecon

DDWPasteRecon tool will help you identify code leak, sensitive files, plaintext passwords, password hashes. It also allow member of SOC & Blue Team to gain situational awareness of the organisation's web exposure on the pastesites. It Utilises Google's indexing of pastesites to gain targeted intelligence of the organisation. Blue & SOC teams can collect and analyse data from these indexed pastesites to better protect against unknown threats.

Guided-Access-Mode-Bypass

This write-up will provide detailed description on how to bypass Guided Access mode on Apple iPhones.

Reg-Hives

This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. Use it to copy SYSTEM, SECURITY and SAM hives and download them back to the attacker machines.

Pentest-Stuff

DIGITAL Command Language

Viralmaniar

Flubber-Ducky

Pentest-Payloads

viralmaniar.github.io

Information-Security-Links

Access to awesome blogs and tutorials related to information security field.

OSCE_learning

JavaScript_Code_Snippets

Javascript

Short snippets for pentesting.