evil-ssdp

Spoof SSDP replies to phish for NTLM hashes on a network

Install

All systems
curl cmd.cat/evil-ssdp.sh
image/svg+xml Kali Linux
apt-get install evil-ssdp

evil-ssdp

Spoof SSDP replies to phish for NTLM hashes on a network

This tool responds to SSDP multicast discover requests, posing as a generic UPNP device on a local network. Your spoofed device will magically appear in Windows Explorer on machines in your local network. Users who are tempted to open the device are shown a configurable webpage.