Rogue and Evil Access Point
- Intuitive CLI
- Configurable (~/.zlown/zlown.yml)
- Connects to internet using LTE
- Shares connectivity over WiFi
- Logs all HTTP trafic
- Social Engineering Toolkit (SET)
- HTTPS sniffing of non-HSTS sites (sslsniff, sslstrip, sslsplit)
- ARP spoofing
- DNS spoofing
- Evil Twin WiFi
- Auto terminate (RST) connections based on criteria specified (pcap filter)
- On-the-fly trafic modification
- Fake updates
- REST API
- Web GUI
- Raspberry Pi 2
- LTE Modem
- WiFi Dongle
- Powerbank (optional; if you want to be truly mobile)
These are must to have.
- apt-get (zlown was developed using Kali Linux)
- systemd
- ruby
- rubygems
- bundler
These will be installed during zlown install
if not present.
- dnsmasq
- hostapd
Presence of these tools affects which features will be available.
- httpry
- ngrep
- sslsniff, sslstrip, sslsplit
gem install zlown
zlown install
zlown init
zlown enable
zlown start
OR
git clone https://github.com/korczis/zlown.git
cd zlown
bundle
./bin/zlown install
./bin/zlown init
./bin/zlown enable
./bin/zlown start
- zlown main entrypoint is zlown systemd service
- run
zlown systemctl status
orsystemctl status zlown
to obtain info about running zlown service - run
zlown systemctl log
orjournlctl -u zlown
to see complete zlown service log
- run
- All zlown related stuff is in ~/.zlown folder
- Main config is stored in ~/.zlown/zlown.yml
- All captured data are stored in ~/.zlown/data
- The Software is provided "as is," with all faults, defects and errors, and without warranty of any kind.
- No Liability. Licensor does not warrant that the Software will be free of bugs, errors, viruses or other defects, and Licensor shall have no liability of any kind for the use of or inability to use the software, the software content or any associated service.
- zlown hould be used for authorized testing and/or educational purposes only. No Exceptions.