pwnSpoof – Generates realistic spoofed log files for common web servers with customisable attack scenarios
pwnSpoof (from
About The Project
pwnSpoof was created on the back of a
Road Map
pwnSpoof is built to produce authentic web attack logs and it does this really well. Right now we are focused on refactoring the code, building out our testing suite and getting the first push to PyPI, but we have huge ambitions for pwnSpoof.
Coming soon
Adding extra webapps beyond banking to provide extra variety to the logs
- Social media
- WordPress
- E-Commerce
Adding additional and more dynamic web attacks
- Full OWASP TOP 10
- Customisable payload encoding
- Multi-session attacks
- Obfuscation
Unscheduled aspirations
Training Videos!
pwnSpoof was built to be a great tool for training the blue team so it only makes sense to produce some training materials to show it off.
- How to ingest logs into various log analysers (Splunk, Elastic, Open Distro, Sentinel)
- How to use the power of REGEX to pivot around the data
Not just weblogs
We would love to see pwnSpoof generating all kinds of threat hunting logs, such as Office365 audit logs for SharePoint, OneDrive and Azure AD.
Blackhat Arsenal
We have submitted pwnSpoof to Blackhat Arsenal for consideration and it would be AWESOME to demo it at Blackhat London this year (2021).
Why not contact us with some extra ideas, or add to the project?
Contact
- Simon Gurney – [email protected]
- Daniel Oates-Lee – [email protected]
Credit
- ip2location: We make use of the IP2Location LITE Country database to provide geographically relevant IP addresses.
This product includes IP2Location LITE data available from https://lite.ip2location.com