Rogue and Evil Access Point

• Intuitive CLI
• Configurable (~/.zlown/zlown.yml)
• Connects to internet using LTE
• Shares connectivity over WiFi
• Logs all HTTP trafic

• Social Engineering Toolkit (SET)
• HTTPS sniffing of non-HSTS sites (sslsniff, sslstrip, sslsplit)
• ARP spoofing
• DNS spoofing
• Evil Twin WiFi
• Auto terminate (RST) connections based on criteria specified (pcap filter)
• On-the-fly trafic modification
• Fake updates
• REST API
• Web GUI

• Raspberry Pi 2
• LTE Modem
• WiFi Dongle
• Powerbank (optional; if you want to be truly mobile)

These are must to have.

• apt-get (zlown was developed using Kali Linux)
• systemd
• ruby
• rubygems
• bundler

These will be installed during zlown install if not present.

• dnsmasq
• hostapd

Presence of these tools affects which features will be available.

• httpry
• ngrep
• sslsniff, sslstrip, sslsplit

• gem install zlown
• zlown install
• zlown init
• zlown enable
• zlown start

OR

• git clone https://github.com/korczis/zlown.git
• cd zlown
• bundle
• ./bin/zlown install
• ./bin/zlown init
• ./bin/zlown enable
• ./bin/zlown start

• zlown main entrypoint is zlown systemd service
  • run zlown systemctl status or systemctl status zlown to obtain info about running zlown service
  • run zlown systemctl log or journlctl -u zlown to see complete zlown service log
• All zlown related stuff is in ~/.zlown folder
• Main config is stored in ~/.zlown/zlown.yml
• All captured data are stored in ~/.zlown/data

• The Software is provided "as is," with all faults, defects and errors, and without warranty of any kind.
• No Liability. Licensor does not warrant that the Software will be free of bugs, errors, viruses or other defects, and Licensor shall have no liability of any kind for the use of or inability to use the software, the software content or any associated service.
• zlown hould be used for authorized testing and/or educational purposes only. No Exceptions.