MDPin
trape
MDPin | trape | |
---|---|---|
2 | 12 | |
42 | 7,919 | |
- | - | |
0.0 | 0.0 | |
about 3 years ago | 2 months ago | |
JavaScript | Python | |
MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
MDPin
-
Made a program to steal Android devices Pin Codes
Hey there!
I'm just new here, because I joined this community to share this in. I hope you don't mind. However, I'm pretty glad to say I built my first Pentesting/Hacking tool (Link here: https://github.com/bastien8060/MDPin).
Of course it is open-source, and it relies on social engineering to work. Although it is not an exploit, it exploits some browser's trust in fullscreen mode (Eg. In-App browsers like instagram/reddit's browser which open links has the feature to enter fullscreen but do not give any warning to the user, when using it).
This program lets you start a server with a backend and a frontend which mimics as close as possible Android's login screen. It detects the phone's brand and loads the brand's default wallpaper. Ios does not work on purpose and will be greeted with a blank screen. The user will be shown a screen off animation then will be shown a lockscreen. They would slide up and enter their pin. An unlock animation will be shown and the phone will seem to be on google.com. The backend will collect the pin code.
Of course this is to be used only for educational purposes. The goal here is to show how people are affected/uneducated about social engineering attacks still today. (People can't always be trusted. Google does not ask for card details by email from a foreign email address. Social engineering over phone calls or even posted letters are also a thing etc...)
Thank you very much for reading this.
I'm still not entirely sure this is the right subreddit to post this in, however, I'm pretty glad to say I built my first Pentesting/Hacking tool (Link here: https://github.com/bastien8060/MDPin).
trape
-
TRACK PEOPLE ON THE INTERNET: Learn to track your opps world, to avoid being traced
Github Link
- ILPT Request: how do I track a phone...
- ILPT Request: How to bypass phishing detection? Google detects my phishing link that I send to shit faces that like to spread rumors and damage reputation. Google detects every link sent to an android phone.
- Some information and advice about DDoS, from someone who was there during #opPayback
- trape - Tool to track and execute intelligent social engineering attacks in real time.
- Tool to track and execute intelligent social engineering attacks in real time
- Using Pi4 running Bettercap as a honeypot to catch a legit stalker
-
Can you backtrace a VPN covered IP to reach its origin? If so, which is the process (from a high-level)
Well I would highly recommend using this Trape OSINT tool for tracking people on internet (Github)
- Android RAT
- What are some other cool tools for beginners like me ?
What are some alternatives?
enmodal - transit planning & analysis in your browser
Android-RATList - Android - Remote Access Trojan List
stuhack - Chrome extension for studocu premium free
email2phonenumber - A OSINT tool to obtain a target's phone number just by having his email address
web-benchmarks - A set of HTTP server benchmarks for Golang, node.js and Python with proper CPU utilization and database connection pooling.
dirsearch - Web path scanner
Titanium - A Social Engineering Tool
osmedeus - A Workflow Engine for Offensive Security
GRecon - Another version of katana, more automated but less stable. the purpose of this small tool is to run a Google based passive recon against your scope.
longtongue - Customized Password/Passphrase List inputting Target Info
fbspider - Scraping Facebook information
TWINT - An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.