pretender

A MitM tool for relaying attacks, featuring DHCPv6 DNS takeover and local name resolution spoofing (mDNS, LLMNR, NetBIOS-NS).

Visit Website Share on X

Visit Website

Introduction

Pretender is a machine-in-the-middle tool designed for relaying attacks, primarily targeting Windows hosts. Key features include DHCPv6 DNS takeover, mDNS, LLMNR, and NetBIOS-NS spoofing. It's designed to work with tools like Impacket's ntlmrelayx.py and krbrelayx for relaying attacks or hash dumping. It supports stateless DNS configuration via Router Advertisements and can be configured to stop after a certain time period. Filters can be applied based on domains and hosts, with wildcard support.

Back

Information

Publisher
Admin
Websitegithub.com
Created date11/25/2025
Published date11/25/2025

More Resources

Infrastructure Security

Visit Website

KslDump

Details

Extract credentials from PPL-protected LSASS by leveraging a vulnerable, Microsoft-signed Defender driver (KslD.sys) for arbitrary memory access.

Internal

AI SecurityApplication SecurityInfrastructure SecurityReconnaissance

Visit Website

PentAGI

Details

Autonomous AI agent system for complex penetration testing, integrating security tools, long-term memory, and smart task delegation in sandboxed Docker.

AI OSINT Web Internal External

Exploit DevelopmentInfrastructure SecurityRed Team Operations

Visit Website

IronPE

Details

Rust-based Windows PE manual loader supporting x86/x64. Implements manual mapping, base relocations, and import resolution for memory-based execution.

Internal

215+ Subscribers

No spam. Unsubscribe anytime.

pretender

Introduction

Information

Categories

Tags

More Resources

KslDump

PentAGI

IronPE

pretender

Introduction

Information

Categories

Tags

More Resources

KslDump

PentAGI

IronPE

Join 215+ Professionals