[Owasp-alabama] Phishing Tool ideas and opinion

owasp-alabama at lists.owasp.org owasp-alabama at lists.owasp.org
Wed Jul 8 12:53:29 EDT 2009


Hey Guys,

 

I wanted to have a discussion with the list about the Lunker phishing tool
that was worked on last year.  Basically, it's a phishing framework used to
perform controlled phishing attacks.  It's written in PHP, Python, MySQL.

 

Myself and Brad Causey did most of the development up to this point. Anyway,
I wanted to get the lists opinion on releasing the tool to the public. We
talked about it last year, and decided that the tool was too powerful in the
hands of the wrong people. But there more I think about it, so it
MetaSploit, BeEF, and most other security tools.

 

The way Lunker is currently configured it must use a valid SMTP account to
send emails, so it's not anonymous or anything. We also only include a
credential harvesting payload, and not advanced OS or Browser exploits.

 

So my question is, how do you guys feel about releasing this tool from the
Alabama Chapter?

 

I have some more work to finish it up, but would setup SVN access for anyone
who wanted to contribute.

 

Joshua Perrymon, CEH, OPST, OPSA

CEO PacketFocus LLC

 <mailto:Josh at packetfocus.com> Josh at packetfocus.com

1.877.PKT.FOCUS

1.205.994.6573

 <http://www.packetfocus.com/> www.packetfocus.com

 

President Alabama OWASP Chapter  <http://www.owasp.org/> www.owasp.org

Selected for "Top 5 Coolest hacks of 2007" Dark Reading/ Forbes.com

www.linkedin.com/in/packetfocus

 

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-alabama/attachments/20090708/fe4bcf1c/attachment.html 


More information about the Owasp-alabama mailing list