Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/av1080p/fishy
Advanced Phishing Attack.
https://github.com/av1080p/fishy
Last synced: 10 days ago
JSON representation
Advanced Phishing Attack.
- Host: GitHub
- URL: https://github.com/av1080p/fishy
- Owner: AV1080p
- Created: 2019-12-06T04:46:37.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2019-12-04T23:50:01.000Z (almost 5 years ago)
- Last Synced: 2023-10-20T17:58:24.560Z (about 1 year ago)
- Size: 570 KB
- Stars: 2
- Watchers: 0
- Forks: 7
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# FISHY
This is a proof-of-concept of an advanced phishing attack.
###### Demo site - https://openworldoperations.github.io/FISHY/
#### It works by creating a fake browser window and inserting a phishing page into the fake window. In order for the attacker to set valid domain and SSL certificate. In order to deceive the victim into not being able to distinguish the difference.
The only way the victim could notice the attack, is if the victim tried to drag the phishing site window outside of their current browser.
You could further improve on this implementation and allow them to inspect the SSL certificate and input a valid certificate.
Be careful of what you think is a legitimate site!
Sometimes the human eye can never tell.## FISHY Features: ###
* _Loading/busy cursor before appearing, giving the effect their computer is loading the browser. Using system resources._
* _SSL text isn't usually green like the this anymore. However, the brain correlates to: Green = "Go"._
* _Browser can be closed using caption buttons._
* _Can be used with a reverse proxy server in order to phish your victims (in order to bypass 2FA)._### TODO: ###
* _Fix caption buttons (alignment)._
* _Create the option to view the SSL certificate._
* _Make the SSL icon the new icon._
* _Tiny pixel changes because if I can notice something off, I will never let it go._### Example:
![alt text](https://i.imgur.com/R3nPO1q.png)
## EDUCATIONAL PURPOSES ONLY!
Warning: Only use this software according to your current legislation. Misuse of this software can raise legal and ethical issues which I don't support nor can be held responsible for.