PyPhisher - Easy to use phishing tool with 65 website templates

PyPhiser is an ultimate phishing tool in python. Includes popular websites like Facebook, Twitter, Instagram, Github, Reddit, Gmail, and many others.

Installation

Install primary dependencies (git and python)

  • For Debian
    • sudo apt install git python -y
  • For Arch
    • sudo pacman -S git python --noconfirm
  • For Fedora
    • sudo yum install git python -y
  • For Termux
    • pkg install git python -y

Clone this repository

  • git clone https://github.com/KasRoudra/PyPhisher

Enter the directory

  • cd PyPhisher

Run the tool

  • python3 pyphisher.py

Or, directly run

wget https://raw.githubusercontent.com/KasRoudra/PyPhisher/main/pyphisher.py && python3 pyphisher.py

Options

usage: pyphisher.py [-h] [-p PORT] [-o OPTION]
                    [--update | --no-update]

options:
  -h, --help            show this help message and exit
  -p PORT, --port PORT  PyPhisher's server port [ Default : 8080 ]
  -o OPTION, --option OPTION
                        PyPhisher's template index [ Default : null ]
  --update, --no-update
                        Check for update (default: True)

Features:

  • Multi-platform (Supports most Linux)
  • 65 Website templates
  • Dual Tunneling (Ngrok and Cloudflare)
  • Easy to use
  • Possible error diagnoser
  • Built-in masking of URL
  • Custom masking of URL
  • Portable file (Can be run from any directory)
  • Get IP Address and many other details along with login credentials

Requirements

  • Python(3)
  • PHP
  • Curl
  • Unzip
  • Wget
  • 100MB storage

If not found, all of the required packages will be installed on the first run

Tested on

  • Termux
  • Kali-Linux

Usage

  1. Run the script
  2. Choose a Website
  3. Wait sometimes for setting up all
  4. Send the generated link to the victim
  5. Wait for victim login. As soon as he/she logs in, credentials will be captured

Example

Video Tutorial

PyPhisher Video

Disclaimer

This tool is developed for educational purposes. Here it demonstrates how phishing works. If anybody wants to gain unauthorized access to someone's social media, he/she may try out this at his/her own risk. You have your own responsibilities and you are liable to any damage or violation of laws by this tool. The author is not responsible for any misuse of PyPhisher!

This repository is open source to help others. So if you wish to copy, consider giving credit!

Credits: HTR-Tech and JayKali

If this tool helped you, consider starting a repository. Your stars encourage me a lot!

Find Me on:

  • facebook
  • messenger
  • email
May 26, 2022
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

1 Comment
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
Luca Comellini
Luca Comellini
1 month ago

Congratulation for your good job, but what about MFA?
Most of the services you added requires MFA. Only stealing username and password is not enough to demonstrate that hackers can gain access to your account.
Think about Modlishka. Very powerful tool, but unusable today, that could grab the MFA token as well.
If you can add this feature, your tool should become the first one to use do demonstrate to people how simple is to gain access to everyone’s account.

Last edited 1 month ago by Luca Comellini
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013