LogoHackDB
icon of pretender

pretender

A MitM tool for relaying attacks, featuring DHCPv6 DNS takeover and local name resolution spoofing (mDNS, LLMNR, NetBIOS-NS).

Introduction

Pretender is a machine-in-the-middle tool designed for relaying attacks, primarily targeting Windows hosts. Key features include DHCPv6 DNS takeover, mDNS, LLMNR, and NetBIOS-NS spoofing. It's designed to work with tools like Impacket's ntlmrelayx.py and krbrelayx for relaying attacks or hash dumping. It supports stateless DNS configuration via Router Advertisements and can be configured to stop after a certain time period. Filters can be applied based on domains and hosts, with wildcard support.

Information

Newsletter

Join the Community

Subscribe to our newsletter for the latest news and updates