Sending Phishing Email/Messages…

Phishing pages can be created in two ways:

  1. Manual

  2. Using tools like ShellPhish

In first method we have to code and create a copy of the website and we can use a free hosting service like web-host but we should be careful while creating website that it is slimier to the original.

The first option is quite challenging. We’ll use the second method in this blog, and we’ll use a tool called ShellPhish. So, first and main, we must boot Kali Linux, our hacking workstation. I am using virtual box.

We need to download the ShellPhish repository from GitHub. To do so, go to GitHub –

Type the following command on terminal –

apt update && apt upgrade -y && apt install git wget php unzip curl -y && git clone https://github.com/AbirHasan2005/ShellPhish && cd ShellPhish && chmod +x * && bash shellphish.sh

The repository will be updated and downloaded to your computer. The && character is used to denote the separation of two instructions. The first and second commands are used to update your computer, the third and fourth commands are used to download the requirements and repository, and the fifth and sixth commands are used to grant repository permission.

Now as repository is downloaded locate to that directory using cd command –

cd Downloads && cd ShellPhish

Now to run that repository use the command ./ShellPhish.sh to run the repository. After running you will see the following –

Here we can select which page we want to create; there are up to 30 options. After selecting an option, we will use a service called ngrok to host our phishing webpage, and we will be given a link that we can share with anyone. This will look exactly like the original website’s log in page.

Here I have chose Instagram to show you how it looks –

If anyone fills the information you can see it on your terminal and it will be saved in the folder in the foorm of text –

Now the ways to be safe –

  1. Check each and every URL before clicking, including links and buttons.

  2. Look for spelling mistakes.

  3. Type the URL into your address bar yourself instead of clicking on a link.

To know more ways read my older blogs – https://tanishqshahsays.wordpress.com/2021/03/11/phishing-email-messages/

Brain Tattoo:-

  1. There are two way’s to create phishing pages – Manual/Using tools like ShellPhish

  2. First you need to boot your Kali Linux.

  3. Download,Update and give the permissions to repository.

  4. We used a service called ngrok to host the code/webpage and create link.

  5. The received credentials are saved in a text file.

DISCLAIMER: This Blog Does NOT Promote or encourage Any illegal activities, all contents provided by This blog is meant for EDUCATIONAL And Informational PURPOSE only. We will not be responsible for your any illegal actions.

#security #Computer #phishing #cybersecurity #tech #password

1 view0 comments

Recent Posts

See All