ClickGrab
Finding ClickFix and FakeCAPTCHA like it's 1999. Detection and hunting tools for clipboard hijacking attacks.
Visit https://mhaggis.github.io/ClickGrab/ or git clone https://github.com/MHaggis/ClickGrab.git
⚠ The Problem
ClickFix and FakeCAPTCHA attacks trick users into copying malicious commands to their clipboard and executing them. These social engineering attacks are increasingly common and difficult to detect.
✓ The Solution
ClickGrab provides detection methods and hunting queries for identifying ClickFix and FakeCAPTCHA-style attacks in your environment.
⚡ Impact
Helps defenders identify and respond to clipboard hijacking attacks before they result in compromise.
Overview
ClickGrab focuses on detecting and hunting for ClickFix and FakeCAPTCHA attacks - social engineering techniques that trick users into copying and executing malicious commands.
What It Detects
- ClickFix style attacks
- FakeCAPTCHA clipboard hijacking
- Malicious clipboard manipulation patterns
Related Modules
Atomics on a Friday
Weekly YouTube show exploring atomic tests, detection engineering, and security research. Live demonstrations and deep dives into attack techniques.
Bootloaders.io
A curated list of known malicious bootloaders for various operating systems. Track and catalog bootloader threats with detection rules and hash prevention.
CBR-Queries
Collection of useful, up to date, Carbon Black Response Queries for threat hunting and detection.