Similar to Fluxion, Kali has a built-in application to perform Wi-Fi phishing activities in a GUI fashion. Ghost Phisher is built to identify wireless connections and has Ethernet security auditing in mind. It is completely written in Python and Python QT for the GUI library.
To harvest the user's credentials, attackers can utilize the Ghost Phisher application to launch a fake AP, as shown in the following screenshot:
GhostPhisher currently provides the following features, all of which can be utilized by penetration testers or attackers:
- Creating an HTTP server
- DNS server
- DHCP server
- Credential logging page (for phishing any username and password)
- Access point emulator
- Advanced session hijacking module
- Ghost Phisher provides the option to perform ARP cache poisoning to perform MiTM and DoS attacks, similar to ettercap/bettercap
- Allows attackers to embed Metasploit binding techniques
- A SQLite database as credential storage