Create Phishing Page is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. In this tutorial, we covered how to work with SocialFish.
The word is a neologism created as a homophone of fishing due to the similarity of using a bait in an attempt to catch a victim
Phishing is an example of social engineering techniques used to deceive users and exploits weaknesses in current web security.
Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.
Create Phishing Page with SocialFish
Social Fish is an advanced phishing tool with an integration of ngrok tunneling where we can carry out the attack into wide area network without forwarding the ports
“Click Here to Download the Social Fish tool ”
Step 1: Create Phishing Page by Clone the repository from the GitHub to kali Linux by the command
“ git clone https://github.com/UndeadSec/SocialFish.git ”
Step 2: Create a Phishing Page by Change the directory to the Social Fish by the command “ cd SocialFish ”
Step 3: Install the Requirements for the package by the command “ pip install -r requirements.txt ”
Step 4: Change the permission for the socailfish.py file by the command “ chmod +x socialfish.py ”
Step 5: Run the Python script by the command “ python SocialFish.py ”
Step 6: Create Phishing Page by Select the site which you need to phish here we have 7 options. we will be selecting google.
Step 7: Create Phishing Page After the module being loaded Select the operation mode. here I’m choosing advanced phishing mode.
Step 8: Create Phishing Page now the NgRok URL will be provided. Using your social engineering skill make the victim to access to that link.
Step 9: Create Phishing Page Once the victim logs into the phishing page the credentials he entered will be displayed on the terminal.
1. Do not click on links, download files or open attachments in emails.
2. Beware of links in emails that ask for personal information.
3. Never enter personal information in a pop-up screen.
4. Protect your computer with a firewall, spam filters, anti-virus and anti-spyware software.
5. Manually go to the site that appears to have sent you the email to investigate its veracity.
6. short URLs can hide suspicious URLs.
7. Keep Your Browser Up to Date.
8. Install an Anti-Phishing Toolbar.
This article is only for an Educational purpose. Any actions and or activities related to the material contained within this Website is solely your responsibility. The misuse of the information in this website can result in criminal charges brought against the persons in question.
The authors and www.techincidents.com will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this website to break the law.