Scribd
Upload
2K views8 pages

Zphisher Tool

Zphisher Tool is an automated phishing tool for beginners with over 30 templates. It allows users to easily create phishing pages and tunnels using services like Ngrok, Cloudflared, or LocalXpose. The tool guides users through selecting a template and tunneling service. It then launches a phishing webpage and server on the local PC to receive credentials from victims. The tool demonstrates how credentials entered on the phishing page can be obtained by the user. It highlights how such information could allow threat actors to gain access to a victim's accounts and networks.

Uploaded by

Fake Android
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
2K views8 pages

Zphisher Tool

Zphisher Tool is an automated phishing tool for beginners with over 30 templates. It allows users to easily create phishing pages and tunnels using services like Ngrok, Cloudflared, or LocalXpose. The tool guides users through selecting a template and tunneling service. It then launches a phishing webpage and server on the local PC to receive credentials from victims. The tool demonstrates how credentials entered on the phishing page can be obtained by the user. It highlights how such information could allow threat actors to gain access to a victim's accounts and networks.

Uploaded by

Fake Android
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 8

Zphisher Tool

A beginners friendly, Automated phishing tool


with 30+ templates.
Features

Latest and updated login pages.


Beginners friendly
Multiple tunneling options
Localhost
Ngrok
Cloudflared
LocalXpose
Mask URL support
Docker support

Installation
Usage

On running bash file, Tool will show a list of 34


tempelates to choose from.
Enter template number you want to use, then
press enter. Tool will ask for port forwardin
service. There are 4 to choose from.

LocalHost: It hosts phishing server locally.

Ngrok.io: Login credentials are needed for it


to work.

Cloudflared: No login required

Localxpose: Account Token required to use,


creates tunnels which can be used for 15
minutes max
Choose the template and press enter, Tool will
prompt for some options, press enter in each
one of them, this will select default option
This will launch the webpage and a server for
reciving credentials on you local pc

Using these links, combined with a little bit of


social engineering, credentials can be obtained.

In the pic above, link in opened on a windows


10 machine
Entering credentials on this website

On Pressing enter it redirects user to


google.com and if we now head back to kali
machine, we can see that we have acquired the
credentials
Entering credentials on this website

This tool gave IP address , login details of the


user.

Using this information, an thread actor can gain


access to victim's website and possibly entire
network.

In order to prevent such attacks, user should


use VPN in order to mask their IP , and check
URL before clicking them or entering any
Information.

You might also like