{"id":28308810,"url":"https://github.com/bend0us/falsecho","last_synced_at":"2025-07-23T23:09:12.808Z","repository":{"id":286688976,"uuid":"953720013","full_name":"BEND0US/falsecho","owner":"BEND0US","description":"Advanced phishing tool, browser-based data capture, and realistic login page emulation.","archived":false,"fork":false,"pushed_at":"2025-06-12T12:39:21.000Z","size":176,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-12T13:46:58.232Z","etag":null,"topics":["cybersecurity","fake-login-pages","pentest","pentest-tool","phishing","phishing-script","phishing-tool","redteam","redteam-tool"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/BEND0US.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-03-24T00:54:54.000Z","updated_at":"2025-06-12T12:39:25.000Z","dependencies_parsed_at":"2025-04-07T21:44:42.680Z","dependency_job_id":"363ff725-5d21-4022-9dcf-802ea6d19393","html_url":"https://github.com/BEND0US/falsecho","commit_stats":null,"previous_names":["bend0us/falsecho"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/BEND0US/falsecho","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BEND0US%2Ffalsecho","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BEND0US%2Ffalsecho/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BEND0US%2Ffalsecho/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BEND0US%2Ffalsecho/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/BEND0US","download_url":"https://codeload.github.com/BEND0US/falsecho/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BEND0US%2Ffalsecho/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266765385,"owners_count":23980761,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-07-23T02:00:09.312Z","response_time":66,"last_error":null,"robots_txt_status":null,"robots_txt_updated_at":null,"robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","fake-login-pages","pentest","pentest-tool","phishing","phishing-script","phishing-tool","redteam","redteam-tool"],"created_at":"2025-05-24T08:09:18.779Z","updated_at":"2025-07-23T23:09:12.803Z","avatar_url":"https://github.com/BEND0US.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Falsecho โ€“ Advanced Phishing Tool\n\nIt captures data such as webcam, microphone, clipboard content, and geolocation. It supports Progressive Web App (PWA) behavior, customizable phishing templates for credential harvesting, and realistic login page emulation. All interactions are tracked securely over HTTPS, enabling precise behavioral and consent-based testing.\n\n\u003e โš ๏ธ This tool is intended for **educational**, **research**, and **authorized security testing** purposes only. Unauthorized usage is strictly prohibited.\n\n---\n\n## ๐Ÿš€ Features\n\nFalsecho can be customized with a wide range of telemetry and interaction modules, enabled via command-line flags:\n\n- `-enable-all`: Enable all available features\n- `-enable-clipboard`: Access and monitor clipboard content\n- `-enable-install`: Display and handle a fake install button\n- `-enable-keylogger`: Keylogger\n- `-enable-location`: Request and collect geolocation data\n- `-enable-microphone`: Request access to microphone\n- `-enable-pwa`: Enable Progressive Web App (PWA) behaviors\n- `-enable-screenshot`: Attempt to capture screen content\n- `-enable-webcam`: Request access to webcam\n- `-hook-interval`: Define polling interval for data hooks (default: 5000ms)\n- `-hook-server`: Specify domain or IP address for data collection (required)\n- `-install-url`: Redirect target when install button is clicked\n- `-port`: Set port for the web server (default: 443)\n- `-template`: Choose page template (e.g. `gmail`, `instagram`, etc.)\n\n---\n\n## ๐Ÿงฉ Templates\n\nTemplates define the fake page served to the target. You can use built-in templates or add your own.\n\n### Using Built-in Templates\n\n- `gmail`: Gmail login interface\n- `instagram`: Instagram login interface\n\n### Adding Custom Templates\n\n1. Place your HTML file inside the `/static/templates` directory.\n2. Add a new entry to the `templateMap` in `main.go`:\n ```go\n var templateMap = map[string]string{\n \"instagram\": \"instagram.html\",\n \"gmail\": \"gmail.html\",\n \"yourname\": \"yourfile.html\",\n }\n ```\n3. Run the tool with `-template yourname`\n\n---\n\n## ๐Ÿ› ๏ธ Usage Examples\n\n### โœ… All permissions + PWA + install button (Gmail template)\n\n```bash\ngo run . -hook-server localhost -port 443 -enable-all -enable-pwa -enable-install -install-url https://google.com -template gmail\n```\n\n### โœ… All permissions only\n\n```bash\ngo run . -hook-server localhost -port 443 -enable-all\n```\n\n### โœ… Minimal (default info only)\n\n```bash\ngo run . -hook-server localhost -port 443\n```\n\n**Collected by default:**\n\n- Battery status \n- Social media presence \n- Network info \n- User-Agent and fingerprinting \n\n### โœ… Webcam only\n\n```bash\ngo run . -hook-server localhost -port 443 -enable-webcam\n```\n\n### โœ… Default info + Gmail login page\n\n```bash\ngo run . -hook-server localhost -port 443 -template gmail\n```\n\n---\n\n## ๐Ÿ“ฆ Output \u0026 Logging\n\nAll captured data is stored under the `data/` directory. Each target session creates its own folder which may include:\n\n- Screenshots\n- Audio files\n- Webcam captures\n- Clipboard dumps\n- Keylogger logs and more\n\n---\n\n## ๐ŸŒ Deployment \u0026 Hook.js\n\nFalsecho runs **only over HTTPS** (port `443` by default).\n\nAlthough the Go-based backend can be compiled (`go build`), the tool heavily depends on the static filesโ€”especially `hook.js`. This file contains the client-side logic that gathers data and interacts with the browser.\n\nYou can also deploy `hook.js` independently by injecting it into any external site you control.\n\n---\n\n## โš ๏ธ Legal Disclaimer\n\nFalsecho is developed and provided strictly for **educational purposes**, **authorized red team operations**, and **security research** in controlled environments.\n\n- You are **solely responsible** for how you use this software.\n- The author(s) do **not endorse or condone** any unauthorized access, surveillance, data collection, or phishing activity.\n- **Using this tool against systems, users, or networks without explicit permission is illegal** and may result in criminal prosecution.\n\nBy using this project, you agree to use it **only in compliance with all applicable laws and regulations**. \nThe author assumes **no liability** for any misuse or damage caused by this software.\n\n---\n\n## ๐Ÿ“„ License\n\nThis project is licensed under [MIT License](LICENSE), however, **usage must comply with all applicable laws and regulations**.\n\n---\n\n## ๐Ÿ‘ค Author\n\nCreated by BEND0US\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbend0us%2Ffalsecho","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbend0us%2Ffalsecho","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbend0us%2Ffalsecho/lists"}