FS-NyarL - Network Takeover & Forensic Analysis Tool


NyarL it's Nyarlathotep, a mitological chaotic deity of the writer HP. Lovecraft's cosmogony.
It's represent Crawling Chaos and FS-NyarL it's The Crawling Chaos of Cyber Security :-)
A network takeover & forensic analysis tool - useful to advanced PenTest tasks & for fun and profit - but use it at your own risk!
 
  • Interactive Console
  • Real Time Passwords Found
  • Real Time Hosts Enumeration
  • Tuned Injections & Client Side Attacks
  • ARP Poisoning & SSL Hijacking
  • Automated HTTP Report Generator

ATTACKS IMPLEMENTED:
  • MITM (Arp Poisoning)
  • Sniffing (With & Without Arp Poisoning)
  • SSL Hijacking (Full SSL/TLS Control)
  • HTTP Session Hijaking (Take & Use Session Cookies)
  • Client Browser Takeover (with Filter Injection in data stream)
  • Browser AutoPwn (with Filter Injection in data steam)
  • Evil Java Applet (with Filter Injection in data stream)
  • DNS Spoofing
  • Port Scanning


POST ATTACKS DATA OBTAINED:

  • Passwords extracted from data stream
  • Pcap file with whole data stream for deep analysis
  • Session flows extracted from data stream (Xplico & Chaosreader)
  • Files extracted from data stream
  • Hosts enumeration (IP,MAC,OS)
  • URLs extracted from data stream
  • Cookies extracted from data stream
  • Images extracted from data stream
  • List of HTTP files downloaded extracted from URLs


DEPENDENCIES (aka USED TOOLS):

  • Chaosreader (already in bin folder)
  • Xplico
  • Ettercap
  • Arpspoof
  • Arp-scan
  • Mitmproxy
  • Nmap
  • Tcpdump
  • Beef
  • SET
  • Metasploit
  • Dsniff
  • Macchanger
  • Hamster
  • Ferret
  • P0f
  • Foremost
  • SSLStrip
  • SSLSplit