What is Exomind?

Exomind is a tool designed to deliver targetted phising attacks through social networks. In order to do this we must first retrieve information from them in an OSINT fashion, this information is then used to impersonate key individuals whose fake online profiles can be used as the delivery medium for links into handcrafted webpages.

The most sophisticated attack that we have implemented so far is a sub-network replication attack, this means we are not only impersonating one individual, but also creating fake profiles for a big-enough part of his subnetwork. This lets us detach from profiles of real people who may perceive the attack, and also gives us more control on the topology of the network.

# gutes is our attack target
gutes = Graph.TwitterProfile("http://twitter.com/gutes")

# exomind is the user that will impersonate gutes.
# cloneProfile clones the look and feel (theme, image, colors, etc...)
exomind = Graph.ControlledTwitterProfile("http://twitter.com/exomindtest1", "password")
exomind.cloneProfile(gutes)

# Test cloneFollowingStealth
# We first instantiate the bots for the profiles Exomind controls
exoclone = Graph.ControlledTwitterProfile("http://twitter.com/exomindclone", "password")
exoclone1 = Graph.ControlledTwitterProfile("http://twitter.com/exomindclone1", "password")
exoclone2 = Graph.ControlledTwitterProfile("http://twitter.com/exomindclone2", "password")
exoclone3 = Graph.ControlledTwitterProfile("http://twitter.com/exomindclone3", "password")
exoclone4 = Graph.ControlledTwitterProfile("http://twitter.com/exomindclone4", "password")
exoclone5 = Graph.ControlledTwitterProfile("http://twitter.com/exomindclone5", "password")

#  Then for each user of the real sub-network we want to clone and follow, a bot
# is asisnged to that user. That can be done using the id or the screen-name of
# the target user.
followersTest = { 17157238 : exoclone, "axelbrz":exoclone1,
                 "MarioVilas":exoclone2, "eglinsky":exoclone3,
                 "tutterr":exoclone4, "whead":exoclone5,}
exomind.cloneFollowingStealth(gutes, followersTest)

The las version of the tool is available HERE. The previous version of Exomind is also available. Features of both of them are still not unified.

Features we are going to implement in coming versions

Known Issues

Title
Exomind
Platforms
Linux
Release date
2008-10-08
License type
Apache
Releases
Exomind2-v0.1 (presented at RSA 2010) DOWNLOAD .zip 10-03-2010
Exomind-v0.2 (OLD VERSION) DOWNLOAD .zip 27-11-2008

Attachments

Exomind-v0.2.zip - OLD VERSION