The offensive half of Paranoid. USB payloads, MITM attacks, BLE exploits, phishing, password cracking, physical surveillance detection — all in one native macOS app.
// authorized penetration testing & security research only
Professional-grade offensive security tools integrated into a single native interface. No terminal juggling, no config files — just point and attack.
Launch phishing campaigns with 30+ templates. Hosts fake login pages, captures credentials in real time, tracks campaign statistics. Includes Cloudflare tunnel for external access.
OFFENSIVEFull MITM framework: ARP spoofing, live packet sniffing, HTTP/FTP/SMTP credential capture, JavaScript injection into web traffic, caplet automation, REST API control.
OFFENSIVEAutomated SQL injection detection and exploitation. Tests GET/POST parameters, supports tamper scripts, extracts databases, tables, and credentials from vulnerable targets.
OFFENSIVETransparent HTTPS interception proxy. Inspect, modify, and replay HTTP/S traffic in real time. Certificate generation for SSL/TLS interception.
OFFENSIVEMulti-platform USB attack payloads built in seconds. Generate, format, and write payloads to USB drives — no scripting required.
Generate bind and reverse shell payloads for any target OS. Automatic listener setup with configurable callback addresses and ports.
Deploy keystroke capture agents. Logs stored locally or exfiltrated to remote endpoint. Supports stealth auto-start persistence.
Targeted file extraction payloads. Scans for documents, credentials, SSH keys, browser data. Writes to USB or sends over network.
Install backdoors that survive reboots. Registry keys (Windows), LaunchAgents (macOS), cron/systemd (Linux). Configurable callbacks.
Extract saved passwords from browsers, keychains, credential managers. Supports Chrome, Firefox, Safari, macOS Keychain, Windows Credential Manager.
Extract stored WiFi passwords from the target system. Dumps all saved network profiles with SSIDs and plaintext keys.
Automated privilege escalation payloads. Checks for misconfigurations, weak permissions, and known local exploits.
Establish network pivots from compromised hosts. SOCKS proxy setup, port forwarding, and lateral movement scaffolding.
Every payload type, every target OS.
Real-time USB device detection via DiskArbitration. Auto-identifies inserted drives with vendor lookup and capacity info.
One-click payload writing to USB. Auto-formats drives, deploys payloads with correct permissions and autorun configuration.
Built-in USB vendor database. Identifies device manufacturer, model, and known device class for targeted payload selection.
GPU-accelerated password cracking, network brute-force, and custom wordlist generation. The complete password attack pipeline.
Network login brute-forcer supporting 15+ protocols: SSH, FTP, Telnet, HTTP GET/POST, VNC, SMB, RDP, MySQL, PostgreSQL, and more. Parallel threads with rate limiting. Full attack reports with discovered credentials.
OFFENSIVEGPU-accelerated hash cracking engine. 300+ hash types (MD5, SHA, bcrypt, NTLM, WPA). Attack modes: dictionary, brute-force, mask, rule-based, hybrid. Real-time speed and progress monitoring.
OFFENSIVECustom wordlist generator. Define charset, length, patterns, and rules. Supports numeric, alphanumeric, hex, and full character sets. Pipe directly to Hydra for automated attack workflows.
TOOLPersistent wordlist database. Import SecLists, RockYou, or custom dictionaries. Categorized organization, size tracking, and quick-select for any attack tool.
TOOLSix Bluetooth attack modes plus advanced threat detection. Native Core Bluetooth and IOBluetooth integration — no external adapters required.
Detect Flipper Zero advertisement spam, fake AirPods popups, and BLE flooding attacks. Ephemeral UUID filtering with warmup period to eliminate false positives.
DEFENSIVEFlood nearby Bluetooth devices with advertisement packets via Core Bluetooth. Test BLE stack resilience and device behavior under high-volume advertisement conditions.
OFFENSIVESend oversized L2CAP packets via IOBluetooth framework. Tests target device handling of malformed Bluetooth packets and connection stability under stress.
OFFENSIVEMassive Service Discovery Protocol query attacks. Overwhelms target SDP servers with rapid-fire service enumeration requests.
OFFENSIVESaturate target GATT servers with characteristic read/write requests. Tests BLE peripheral firmware handling of high connection/request volumes.
OFFENSIVERapid connection/disconnection cycling against target BLE devices. Tests device connection handling, resource management, and stack overflow resilience.
OFFENSIVEDetects cloned iBeacons (same UUID/Major/Minor from different sources), Apple Find My cloned payloads, and baseline RSSI shifts indicating physical relay attacks.
DEFENSIVEFuses BLE, WiFi Guard IDS, and Network Scanner signals. Links BLE spy cameras with network hosts via OUI cross-reference. Detects coordinated multi-layer attacks and skimmers near POS terminals.
INTELLIGENCEBeyond the network. Detect surveillance, track people, spoof identities, correlate threats.
Find hidden cameras, sweep rooms for electronic threats, and locate Bluetooth trackers. Multi-sensor analysis in one sweep.
Orchestrates BLE scanning, WiFi noise floor analysis, Bonjour/mDNS probing, audio analysis (microphone-based electronic detection), and IR detection simultaneously. Cross-correlates signals from all sensors to identify hidden devices with high confidence.
BLE + WiFi + Audio + IR + Bonjour all running simultaneously. Cross-correlation eliminates false positives.
Passive-only scanning. No active probes, no network traffic. Detects without revealing your presence.
Specialized mode for scanning vehicles. Adapted sensor thresholds for automotive RF environment and GPS tracker detection.
Automatic evidence collection and report generation. Timestamps, signal data, and device identifiers preserved for documentation.
Determines the physical location of hidden cameras using network-layer timing analysis. Compares response times across rooms to triangulate camera position without physical inspection.
High-frequency ping bursts measure microsecond-level latency variations. Closer devices show lower and more consistent round-trip times.
Layer 2 ARP response timing bypasses IP-level buffering. Raw MAC-level responses reveal true physical proximity.
Determines if the camera is directly connected or behind a WiFi extender/repeater. Hop count affects localization strategy.
Weighted fusion of all timing signals produces a confidence-ranked distance estimate. Compare multiple rooms to narrow down camera location.
Identifies and locates Bluetooth trackers in your vicinity. Detects Apple AirTags, Tile trackers, Samsung SmartTags, and unknown tracking devices using BLE advertisement analysis and signal triangulation.
Identifies Apple AirTag Find My network advertisements. Flags unknown AirTags that may be tracking you.
Detects Tile, Samsung SmartTag, Chipolo, and generic BLE trackers. Vendor-specific protocol decoding for each platform.
RSSI-based proximity estimation. Walk around to narrow down the tracker's physical location through signal strength changes.
Know who’s around you, hide your identity on the network, and adapt to your environment automatically.
Detect nearby people via their Bluetooth devices. Anti-MAC rotation engine uses temporal clustering, RSSI continuity, and manufacturer fingerprinting to track individuals even as their phone rotates MAC addresses. Groups phone + smartwatch as one person.
NEWSpoof your MAC address (random, vendor-specific, or custom). Auto-rotation at configurable intervals (15 min to 4 hours). Hostname masking to appear as a different device on the network.
OFFENSIVEGPS-based movement detection classifies your environment: stationary (home/office), public transport (bus/train), or personal vehicle. Paranoid adapts scan configuration, timing, and alerts based on your mobility context.
NEWRemembers every device across sessions. Multi-fallback identification (MAC, Bonjour, DHCP hostname, UPnP UDN) survives MAC rotation. Tracks first seen, last seen, sighting count, and network associations.
ADVANCEDCapture raw WiFi packets in monitor mode. Channel hopping, WPA/WPA2 4-way handshake capture with persistence. Interface switching and session management. Requires privileged helper daemon.
OFFENSIVEMulti-vector camera discovery: vendor OUI analysis, active RTSP/ONVIF probing, common camera port scanning (554, 80, 8080, 34567), HTTP admin panel fingerprinting, Bonjour/mDNS and SSDP discovery.
ADVANCEDCross-references signals from WiFi IDS, Traffic Inspector, Honeypot, CVE Scanner, and Camera Detector. Isolated alerts become confirmed attack chains.
ARP spoof detection + DNS hijacking anomaly + traffic redirect from the same source = confirmed man-in-the-middle with high confidence.
Honeypot connection from an IP + scanning activity from the same IP in traffic logs = confirmed active attack campaign.
Honeypot hit + port scan activity from the same host = verified reconnaissance phase. Auto-escalates alert severity.
Host with RCE vulnerability + anomalous outbound traffic pattern = potential active exploitation. Flags for immediate investigation.
Detected camera device + active video stream to unknown external IP = confirmed covert surveillance device with data exfiltration.
Compares current scan with previous sessions. New ports, changed services, or OS fingerprint shifts trigger investigation alerts.
Device type affects traffic anomaly severity. A printer making HTTPS calls is more suspicious than a laptop. Context-aware alert prioritization.
Cross-validates device identity from multiple protocols. mDNS/SSDP hostname conflicts or OS signal mismatches reveal spoofed devices.
One price. Every weapon included. USB payloads, BLE attacks, MITM, phishing, password cracking, correlation engine — and everything on the core features page.