Phishing is a cybercrime where an objective or targets are reached by email, phone or instant message by somebody acting like a genuine foundation to draw people into giving delicate information, for example, identifiable information, banking and credit card details, and passwords.
The data is then used to get to significant records and can bring about wholesale fraud and money related misfortune.
What is Shellphish?
ShellPhish is an intriguing tool that we went over that outlines exactly how simple and amazing phishing tools have become today. The device use a portion of the temlpates produced by another tool called SocialFish. The tool offers phishing layouts for 18 famous websites, the majority are centered around social media and email suppliers. There is likewise an alternative to utilize a custom layout if so wanted.
ShellPhish can create phishing page of most popular social networking sites, email providers and streaming site like:
- To install ShellPhish we need to open our terminal window and apply the following command:
git clone https://github.com/thelinuxchoice/shellphish
- Go to the cloned directory using cd command.
- Now we need to give execute permission to the main bash script called shellphish.sh.
sudo chmod +x shellphish.sh
- Now, run the script using:
- To make a phishing page of the desired website, enter the number specified against it (Let’s take an example of instagram).
- Now, ShellPhish will start ngrok server to get credentials from the victim.
- Now, send the generated url to your target and wait for them to enter their credentials.
- Captured credentials will look something like this.
- Similarly, you can use other phishing templates.
This article is posted only for educational purpose. Don’t use it for illegal purposes.