pwnSpoof – Generates realistic spoofed log files for common web servers with customisable attack scenarios

Road Map

pwnSpoof is built to produce to authentic web attack logs and it does this really well. Right now we are focused on refactoring the code, building out our testing suite and getting the first push to PyPi but we have huge ambitions for pwnSpoof.

Coming soon

Adding extra webapps beyond banking to provide extra variety to the logs

• Social media
• WordPress
• E-Commerce

Adding additional and more dynamic web attacks

• Full OWASP TOP 10
• Customisable payload encoding
• Multi-session attacks
• Obfuscation

Unscheduled aspirations

Training Videos!

pwnSpoof was built to be a great tool for training the blue team so it only makes sense to produce some training materials to show it off.

• How to ingest logs in to various log analyser (Splunk, Elastic, Open Disto, Sentinel)
• How to use the power of REGEX to pivot around the data

Not just weblogs

We would love to see pwnSpoof generating all kinds of threat hunting logs such as Office365 audit logs for Sharepoint, Onedrive and AzureAD

Blackhat Arsenal

We have submitted pwnSpoof to Blackhat Arsenal for consideration and it would be AWESOME to demo it at Blackhat London this year (2021).

Why not contact us with some extra ideas, or add to the project

Contact

• Simon Gurney – [email protected]
• Daniel Oates-Lee – [email protected]

Credit

• ip2location : We make use of the IP2Location LITE Country database to provide geographically relevant IP addresses.

This product includes IP2Location LITE data available from https://lite.ip2location.com