| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | |||
| 5 | 6 | 7 | 8 | 9 | 10 | 11 |
| 12 | 13 | 14 | 15 | 16 | 17 | 18 |
| 19 | 20 | 21 | 22 | 23 | 24 | 25 |
| 26 | 27 | 28 | 29 | 30 | 31 |
- Walkthrough
- advent of cyber 3
- Burp Suite: Intruder
- Intruder
- ctf
- Windows Forensics 1
- CTFS
- Burp Suite: Other Modules
- TryHackMe
- burp suite
- Today
- Total
root@sky:~#
phishEye - An ultimate phishing tool. 본문
phishEye is an ultimate phishing tool, written in python3. It is created with Flask (A micro web framework in python) and tunneled with ngrok. In phishEye, I used latest login page.
Disclaimer
Any actions and or activities related to phishEye is solely your responsibility. The misuse of this toolkit can result in criminal charges brought against the persons in question. The contributors will not be held responsible in the event any criminal charges be brought against any individuals misusing this toolkit to break the law.
This toolkit contains materials that can be potentially damaging or dangerous for social media
. Refer to the laws in your province/country before accessing, using, or in any other way utilizing this in a wrong way.
This tool is made for educational purposes only
. Do not attempt to violate the law with anything contained here. If this is your intention, then Get the hell out of here !
It only demonstrates "how phishing works". You shall not misuse the information to gain unauthorized access to someone's social media . However, you may try out this at your own risk.
Features of fishEye:
- phishEye is an open-source tool .
- You can use phishEye in Advance phishing attacks .
- phishEye tool is a very simple and easy tool . phishEye is written in python3 language .
- phishEye tool is a lightweight tool . This does not take extra space.
- phishEye creates phishing pages of popular sites such as Facebook, Instagram, Google, Github, GitLab, DeviantArt, Dropbox, eBay, Messenger, PayPal, Twitter, Linkedin, more uploading soon...
- It installs all required modules automatically.
- It gives you a short URL masked with the original link ( ie: https://m.facebook.com@is.gd/dyoOj9 ).
- One time generated link can be used for multiple victims.
- Various information about victim like,
- IP
- User-Agent
- continent
- country
- region-name
- city
- district
- zip code
- latitude-longitude
- ISP
Requirements:
phishEye
requires the following programs to run properly -
- python3
- pip3
Installation:
Step 1.) Clone the repository using this command -
git clone https://github.com/sky9262/phishEye.git
Step 2.) Change to the cloned directory -
cd phishEye
Step 3.) Now run phishEye.py -
python3 phishEye.py
Step 4.) Now, you will be provided to choose device PC or Mobile -
Note:- If you'll just press ENTER button it'll select default value (PC).
Step 5.) Choose any website -
Note:- If you'll just press ENTER button it'll select the default value (Facebook).
Step 6.) Enter any port number -
Note:- If you'll just press ENTER button it'll select the default value (4444).
Step 7.) Wait for some seconds while it generates phishing URLs -
Note:- Please ignore if it's showing some ngrok warn msg.
Step 8.) Now, you can share any link 1 or 2 to the victim -
- I shared this link to my friend through WhatsApp -
Whatsapp
Step 9.) When he'll visit the phishing link, you'll get all information about your victim -
Step 10.) You'll get the credentials when your victim will log-in to the phishing website -
At the end victim will be redirected to the original page (here it's Github official page).
Run in one line: python3 phishEye.py -d pc -s github -p 1234
Flags:
| Flag | Uses | Value |
| -d | Device | pc/mob |
| -s | Site | facebook/github/linkedin.... |
| -p | Port | port number |
Wanna go more advanced?
Let's go for more advanced phishing:-
※ I gonna use "Repl.it" for the advanced attack.
Step 1.) Create an account on " Repl.it" with any username which relates to any top-level domain.
Example: I created an account with a "com-" username.
Note:- If you have already an account, you can change your username
to know how to change your username.
Step 2.) Create a repl with a python template and give it a title with the phishing website name.
Example: I am creating an amazon phishing page so :
Step 3.) Enter the following commands in your repl shell -
git clone https://github.com/sky9262/phishEye.git
mv ./phishEye/* ./
rm -r ./phishEye ./main.py
python3 phishEye.py -s amazon
Step 4.) After running these all commands, you'll get a webpage link -
Step 5.) If you will open this link it'll say that "This site can't provide a secure connection", because replit doesn't' provide you SSL certification. To make it working open it with HTTP instead of HTTPS .
Example: In my case, it's http://amazon.com-.repl.co/
Congratulations!! You got a phishing webpage with a phishing link ( http://amazon.com-.repl.co/ ). Now you can proceed with the further process in the repl shell.
Thanks for reading :-)
plz leave a comment and like.