 |
One potent open-source phishing tool is Zphisher. It has been widely used in recent times to carry out phishing attacks against Target. Compared to Social Engineering Toolkit, Zphisher is simpler. It offers phishing template webpages for 33 well-known websites, including Facebook, Instagram, Google, Snapchat, GitHub, Yahoo, Proton mail, Spotify, Netflix, LinkedIn, WordPress, Origin, Steam, Microsoft, and others. Some of the templates were created by a program known as Zphisher. If desired, it also offers the ability to use a custom template. Using this tool to carry out a phishing attack is simple. You can conduct phishing in (wide area network) with the help of this tool. You can obtain credentials, like an ID and password, by using this tool.
**Disclaimer: Please refer to this article with good intentions only; it is meant for educational purposes only!**
Features of Zphisher:
- User-Friendly Interface: Provides an intuitive user experience, making it suitable for novices.
- Vast Selection of Templates: Improves its simulation value by including templates for a number of well-known websites.
- Customizable: Enables phishing pages to be tailored to meet certain requirements.
- Portable and Lightweight: Because it is lightweight, it can be quickly and readily deployed on a variety of platforms.
- Real-Time Capture: Provides instant feedback for testing while capturing credentials in real-time.
Let’s jump into the installation part :
Required conditions:
- an operating system built on Linux (such as Ubuntu, Kali Linux)
- Installed PHP and its dependencies
- Internet access
Setting up:
Step 1: Turn on the Kali machine, open the terminal, and grant root access.
sudo su
Step 2: Open the Downloads (recommended) folder and select Zphisher, Now use the following instructions to install the tool after that.
Cd Downloads
git clone https://github.com/htr-tech/zphisher.git
cd zphisher
Step 3: Now that you are in the zphisher directory, launch the tool by typing the following command.
bash zphisher.sh
Step 4: The tool is operating correctly now. At this point, you need to select the tool's choices in order to create the phishing page.
Step 5: You can select the number for which a phishing page has to be made from these alternatives. Select option 2 if you wish to establish a phishing page for Instagram.
Step 6: As you can see, four distinct web layouts are provided in an attempt to draw in the victim. From here, you may select any option. Assume you wish to select type 1 and the first choice.
This is the UI that appears after the tool is launched.
Any of the URLs may be forwarded to the victim. The password entered by the user will be mirrored on the terminal.
As you can see, we opened the ezlikers link. We have opened the phishing page. The user must now provide their password for their ID.
Here are the ID and password credentials. This is how zphisher may be used for phishing. The victim might get these links from you. The victim's identity will be shown on the terminal itself as soon as they click the link and enter their password. Here's how zphisher functions. One of the greatest instruments available for phishing assaults is this one. You can select the choice based on what you need. One potent open-source phishing tool is called zphisher. It has gained a lot of popularity these days and is employed in phishing assaults. Compared to Social Engineering Toolkit, zphisher is simpler.
.png)
Comments
Post a Comment