Phishing Tool for Facebook, Instagram, Google, Microsoft, Netflix, PayPal, Steam, Twitter, PlayStation, GitHub, Twitch, Pinterest, Snapchat, Linkedin, Ebay, Dropbox, Protonmail, Spotify, Reddit, Adobe, DeviantArt, Badoo, Origin, CryptoCoin, Yahoo, Wordpress, Yandex, StachoverFlow & VK. This is a modified version of ShellFish, ShellPhish & Zphisher.
- git
- brew
- PHP
- ngrok
- Updated to v2.5:
- Added 2020 New Login/Phishing Page.
- Added Traditional Login Page.
- Added Advanced Voting Poll Login Page.
- Added Fake Security Login Page.
- Added Facebook Messenger Login Page.
- Improvements in ShellPhish Logo.
- Added New Sites.
- Added 4 Port Forwarding Options.
[01] Facebook [11] Twitch [21] DeviantArt
[02] Instagram [12] Pinterest [22] Badoo
[03] Google [13] Snapchat [23] Origin
[04] Microsoft [14] Linkedin [24] CryptoCoin
[05] Netflix [15] Ebay [25] Yahoo
[06] PayPal [16] Dropbox [26] Wordpress
[07] Steam [17] Protonmail [27] Yandex
[08] Twitter [18] Spotify [28] StackoverFlow
[09] PlayStation [19] Reddit [29] VK
[10] GitHub [20] Adobe
- Colourized Text
- Animations
- In-built Setup for Termux
- More extra features
- More improvements
- Bugs cleared
- Added temporary Fix (ngrok workaround)
- Added Requirements
apt update && apt upgrade -y && apt install git wget php unzip curl -y && git clone https://github.com/AbirHasan2005/ShellPhish && cd ShellPhish && chmod +x * && bash shellphish.sh
-
You will need to download ngrok ngrok.com/get-started/setup for workaround.
-
Register and sign up for ngrok to obtain ngrok auth token in order for it to work push auth in directions as outlined on ngrok official website.
-
Fire up ngrok on the port (ngrok http 5555/standard is 5555) you're planning to running shellphish on, then open a seperate terminal and run shellphish, link/url will be present in ngrok's terminal tab.
cd ShellPhish
bash update.sh
This is in development. If you find any problems than please report them to my Telegram Group. To work properly in Android you have to Turn On Mobile Data and Hotspot. Without Mobile Data and Hotspot sometimes it not generates Phishing URL.
Usage of Shellphish for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.