Windows Domain Credentials Phishing Tool

While performing a Pen test for a client i needed to catch a domain user name and password, there are several ways to gain users passwords and it really depends on a lot of factors on how to get it in my case i didn’t had time to wait for the user to enter his credentials and get it using a key logger so i created a fake windows domain login window to tried to force and trick the user to enter his password.
There are several tools and techniques such as “Mimikatz” but they require you to have administrative/system privileges, you don’t need special privileges to execute “Windows Domain Credentials Phishing Tool”.
* Please note, this tool require .NET framework on target system.
* This tool should not be used to perform illegal activities.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s