King Phisher is a tool for testing and promoting user awareness by simulating real world phishing attacks. It features an easy to use, yet very flexible architecture allowing full control over both emails and server content. King Phisher can be used to run campaigns ranging from simple awareness training to more complicated scenarios in which user aware content is served for harvesting credentials. It is only to be used for legal applications with explicit permission. Features include running multiple phishing campaigns simultaneously, sending emails with embedded images, optional Two-Factor authentication, credential harvesting, SMS alerts, web page cloning, and integrated Sender Policy Framework.
FEATURES
SIMILAR TOOLS
Semi-tethered jailbreak for iPhone 5s to iPhone X, running iOS 12.0 and up, using the 'checkm8' bootrom exploit.
Comprehensive manual for mobile app security testing and reverse engineering with technical processes for verifying controls.
Tools and documentation for validating hardware security requirements on x86 platforms, including bootable USB key creation and platform configuration verification.
An open-source project for dynamic analysis of Android applications using the Android Substrate framework.
A tool for analyzing Android applications in local storage with various functionalities.
A Graphical Realism Framework for Industrial Control Simulation organized as 5 VirtualBox VMs for realistic ICS network simulation.
iOS Reverse Engineering Toolkit for automating common tasks in iOS penetration testing.
A tool for quantitative risk analysis of Android applications using machine learning techniques.
A comprehensive collection of wordlists for bruteforcing and password cracking, covering various hashing algorithms and sizes.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.