ZPhisher is an advanced phishing tool-kit it is an upgraded version of Shellphish. It have the main source code from Shellphish but ZPhisher have some upgrade and have removed some unnecessary codes from Shellphish. It is devloped by HTR-Tech . ZPhisher can be run from Kali Linux and also can be run from Android devices using Termux. It is the all-in-one phishing framework in 2020.
ZPhisher have lots of phishing pages like:
1) Facebook
5) Badoo Login Page
6) CryptoCoinSniper Login Page
7) Deviantart Login Page
8) Dropbox Login Page
9) Ebay Login Page
10) Github Login Page
11) Linkedin Login Page
12) Microsoft Login Page
13) Netflix Login Page
14) Origin Login Page
15) Paypal Login Page
16) Pinterest Login Page
17) Playstation Login Page
18) Protonmail Login Page
19) Reddit Login Page
20) Snapchat Login Page
21) Spotify Login Page
22) Stackoverflow Login Page
23) Steam Login Page
24) Twitch Login Page
25) Twitter Login Page
26) Vk Login Page
27) Vk Poll Method (Hiddeneye)
28) Wordpress Login Page
29) Yahoo Login Page
30) Yandex Login Page
Zphisher also have 4 port forwarding options
The screenshot of the preceding command if following:
Then we need to go inside the zphisher directory using cd command:
Here we need to give executable permission to the bash script by using following command:
The screenshot is following.
Now we are ready to run it. We can run it by using following command:
Then this bash script lead us to the main menu of the ZPhisher tool as shown in following screenshot:
Here everything is very clear. For an example we choose 1 for Facebook and press enter.
Here we can choose whatever we think easy to trick our victim. For an example we choose 3 for a "Fake Security Login Page".
Now we can choose our port forwarding option. Here If we choose 1 then it will be for our local network (same WiFi or LAN) only, but we can choose the other options like ngrok serveo or localhost.run. (These are all free port forwarding services so sometimes some services may be down for overloading. In that case we need to choose other.)
Here we choose 2 for ngrok.io. Then we wait for some seconds untill our link generated.
In the above screenshot we can see our link created on ngrok. Now we can send this link to our victim by SMS or mail or by any other way With some catchy social engineering technique.
If our victim opens it then he/she will see something like following screenshots:
If our victim inputs the username and password then,
We got the credentials of our victim. Now it can be used to login victim's Facebook account.
We also can use it on Android through Termux application. First we need to install Termux from Google Play Store. Then we can open it and run a single command to update download and run the ZPhisher. The single command is following:
If you like our tutorial or got an issue regarding this post please comment down, we always be happy to respond. If you liked our tutorials then visit our website regularly
ZPhisher have lots of phishing pages like:
1) Facebook
- Facebook Normal Login Page
- Fake Security Login Method (DarkSecDevelopers)
- Facebook Voting Poll Method (DarkSecDevelopers)
- Messenger Login Page (New)
- Normal Login Page
- Instagram Auto Follower Phishing Page (thelinuxchoice)
- Instagram Badge Verify Method (DarkSecDevelopers)
- Google Old Login Page
- Google New Login Page
- Google Voting Poll Method (DarkSecDevelopers)
5) Badoo Login Page
6) CryptoCoinSniper Login Page
7) Deviantart Login Page
8) Dropbox Login Page
9) Ebay Login Page
10) Github Login Page
11) Linkedin Login Page
12) Microsoft Login Page
13) Netflix Login Page
14) Origin Login Page
15) Paypal Login Page
16) Pinterest Login Page
17) Playstation Login Page
18) Protonmail Login Page
19) Reddit Login Page
20) Snapchat Login Page
21) Spotify Login Page
22) Stackoverflow Login Page
23) Steam Login Page
24) Twitch Login Page
25) Twitter Login Page
26) Vk Login Page
27) Vk Poll Method (Hiddeneye)
28) Wordpress Login Page
29) Yahoo Login Page
30) Yandex Login Page
Zphisher also have 4 port forwarding options
- localhost (For local network/LAN)
- Ngrok (For World-Wide WAN)
- Serveo.Net (For WAN)
- Localhost.run (For WAN)
Installing on Kali Linux
First we need to clone ZPhisher from it's GitHub repository by using following command:The screenshot of the preceding command if following:
Then we need to go inside the zphisher directory using cd command:
Here we need to give executable permission to the bash script by using following command:
The screenshot is following.
Now we are ready to run it. We can run it by using following command:
Then this bash script lead us to the main menu of the ZPhisher tool as shown in following screenshot:
Here everything is very clear. For an example we choose 1 for Facebook and press enter.
Here we can choose whatever we think easy to trick our victim. For an example we choose 3 for a "Fake Security Login Page".
Now we can choose our port forwarding option. Here If we choose 1 then it will be for our local network (same WiFi or LAN) only, but we can choose the other options like ngrok serveo or localhost.run. (These are all free port forwarding services so sometimes some services may be down for overloading. In that case we need to choose other.)
Here we choose 2 for ngrok.io. Then we wait for some seconds untill our link generated.
In the above screenshot we can see our link created on ngrok. Now we can send this link to our victim by SMS or mail or by any other way With some catchy social engineering technique.
If our victim opens it then he/she will see something like following screenshots:
 | ||
| On Desktop |
 |
| On Mobile Device |
If our victim inputs the username and password then,
 |
| BINGO! |
Installing on Android (Termux)
We also can use it on Android through Termux application. First we need to install Termux from Google Play Store. Then we can open it and run a single command to update download and run the ZPhisher. The single command is following:
How to be safe from this Attack
- We should not click on any link through sms/email/website/chatroom or text messages etc.
- we need to check the link is driving to original Facebook, mean to say check the links is https://www.facebook.com/ or not. If not and the page is looking like Facebook, then this might be a phishing page.
- Windows user should use anti-virus and web-security software , like norton or McAfee . Linux user should take care before clicking unknown links.
If you like our tutorial or got an issue regarding this post please comment down, we always be happy to respond. If you liked our tutorials then visit our website regularly
Tags
Attack Strategies