Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/dmdhrumilmistry/googlephish
Google account phishing tool written in python using django
https://github.com/dmdhrumilmistry/googlephish
django docker docker-compose docker-container docker-image google-phishing-login phishing phishing-attacks python python3
Last synced: 8 days ago
JSON representation
Google account phishing tool written in python using django
- Host: GitHub
- URL: https://github.com/dmdhrumilmistry/googlephish
- Owner: dmdhrumilmistry
- Created: 2021-09-12T17:25:47.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2024-04-17T04:39:33.000Z (8 months ago)
- Last Synced: 2024-05-01T16:30:52.423Z (8 months ago)
- Topics: django, docker, docker-compose, docker-container, docker-image, google-phishing-login, phishing, phishing-attacks, python, python3
- Language: HTML
- Homepage:
- Size: 978 KB
- Stars: 71
- Watchers: 2
- Forks: 16
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# GooglePhish
![GooglePhish](.images/GooglePhish-500x500.png)
- Google Account Phishing Tool using Python Django Framework.
- Screenshots
| Screenshots | Screenshots |
| ----------- | ----------- |
| ![Google Login Page Phisher Home Page Image](.images/home-page.png)| ![Google Login Page Phisher Password Page Image](.images/password-page.png) |## Fast Installation Using docker
- Pull created image
- Install [Docker](https://www.docker.com/products/docker-desktop/)
- Pull googlephish image```bash
docker pull dmdhrumilmistry/googlephish
```- run docker image
```bash
docker run -d -p 8000:8000 dmdhrumilmistry/googlephish -e
```- Build Image and run using build command
```bash
sudo docker build -t googlephish .
```- You can specify your credentials using build arguments like this :
``` bash
sudo docker build -t googlephish -e "[email protected]" -e "DJANGO_SUPERUSER_USERNAME=admin" -e "DJANGO_SUPERUSER_PASSWORD=GooglePhish" .
```- Run docker container
```bash
docker run -d -p 8000:8000 googlephish
```If you have build the dockerfile with no arguments, the default credentials are :
* Username : `admin`
* Password : `G00g13P#15#23`- Using Docker Compose
```bash
docker-compose up
```
> :warning: Doesn't work yet## Installation
- Clone/Download repo
```bash
git clone https://github.com/dmdhrumilmistry/GooglePhish.git
```- Create virtual environment
```bash
python3 -m venv env
```- Load virtual environment
```bash
source env/bin/activate
```- Install [Poetry](https://python-poetry.org/docs/)
```bash
python3 -m pip install poetry
```- Install requirements
```bash
poetry install
```- Check for errors
```bash
python3 manage.py check
```> Proceed if no errors were encountered.
- migrate db
```bash
python3 manage.py makemigrations
python3 manage.py migrate
```- Create user
```bash
python3 manage.py createsuperuser
```- Collect static files
```bash
python3 manage.py collectstatic
```- Run server
```bash
python3 manage.py runserver
```> Use `--insecure` tag if any issue is encountered while loading static files.
## Update `.env` file
- Env File template
```bash
DJANGO_SECRET_KEY=secret_key
DEBUG=False
ALLOWED_HOSTS=*
CSRF_TRUSTED_ORIGINS=https://your-domain.ngrok-free.app,https://domain.localhost.run
```- Generate and copy new secret key
```bash
python3 generate_new_key.py
```- Set `DEBUG` variable to `True` only during development stage, else use `False`
- Set `CSRF_TRUSTED_ORIGINS` while using ssh tunnels such as `ngrok` and `localhost.run`.
- update values in `.env` file
## View Passwords using GooglePhish Dashboard Page- Dashboard login page
```
http://127.0.0.1:8000/pawned
```## Start Server
```bash
python3 manage.py runserver
```> if static files are not loading, turn on debug mode or use
>
> ```bash
> python3 manage.py runserver --insecure
> ```## For phishing over the internet
- Start server
```bash
python3 manage.py runserver
```- forward port using ssh
```bash
ssh -R 80:localhost:8000 localhost.run
```> 8000 is port of localhost server.
> 80 is [localhost.run](https://localhost.run/) server port. Localhost is service that helps you to expose your server running on localhost to the internet, visit their [documentation](https://localhost.run/docs/) for more info- Now send link to your victim
> You can redirect user from google meet to your phishing page link using
>
> ```
> https://meet.google.com/linkredirect?dest=your_link
> ```## Project Maintainer
- [dmdhrumilmistry](https://github.com/dmdhrumilmistry)
## Contributors
[Contributors List](https://github.com/dmdhrumilmistry/GooglePhish/graphs/contributors)
### Have any Ideas 💡 or issue
- Create an issue
- Fork the repo, update script and create a Pull Request