https://github.com/susmoynath/cybersecurity-phishing
🎣 A phishing simulation project built with Node.js (no PHP) and PHP-based versions. Demonstrates how phishing attacks work by mimicking login pages to capture credentials – for educational and ethical hacking use only.
https://github.com/susmoynath/cybersecurity-phishing
cyber-security cybersecurity ethical-hacking nodejs phishing php security-simulation security-tools social-engineering web-security
Last synced: about 2 months ago
JSON representation
🎣 A phishing simulation project built with Node.js (no PHP) and PHP-based versions. Demonstrates how phishing attacks work by mimicking login pages to capture credentials – for educational and ethical hacking use only.
- Host: GitHub
- URL: https://github.com/susmoynath/cybersecurity-phishing
- Owner: SusmoyNath
- Created: 2025-04-21T16:01:08.000Z (about 1 year ago)
- Default Branch: main
- Last Pushed: 2025-04-21T16:17:39.000Z (about 1 year ago)
- Last Synced: 2025-04-27T09:59:06.061Z (about 1 year ago)
- Topics: cyber-security, cybersecurity, ethical-hacking, nodejs, phishing, php, security-simulation, security-tools, social-engineering, web-security
- Language: EJS
- Homepage:
- Size: 900 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# 🎣 Phishing Simulation Project
> **Disclaimer:** This project is for educational and ethical penetration testing purposes **only**. Do **not** use this for unauthorized or malicious activities. The author assumes no responsibility for any misuse.
---
## 📌 About the Project
**Phishing** is a simulation of how attackers can disguise malicious websites as legitimate ones to collect sensitive credentials from unsuspecting users. This project showcases two different phishing setups:
1. **Without PHP (Node.js-based)** – A local simulation for ethical demonstration and learning.
2. **With PHP** – An online deployable version for educational experiments on phishing behavior.
---
## 🛠️ Technologies Used
### 🔹 Node.js Version (Without PHP)
- **Node.js**
- **Express.js**
- **EJS** (Templating Engine)
- **Body-Parser**
### 🔹 PHP Version
- Pure HTML + PHP for basic credential capture simulation.
---
## 🚀 Getting Started
### 🧩 Prerequisites
#### For Node.js Version:
- Node.js installed on your machine: [Download Node.js](https://nodejs.org/en/download/)
- Required packages: Express, EJS, Body-parser
### 🔧 Installation & Run (Node.js Version)
git clone https://github.com/SusmoyNath/CyberSecurity-Phishing.git
cd CyberSecurity-Phishing
npm install express ejs body-parser
node app.js
- The server will run at `http://localhost:3000/`
- Credentials submitted on the form are saved to `logs.json`
### 🌐 Deployment (PHP Version)
1. Host the files on a free hosting service like [000Webhost](https://in.000webhost.com/).
2. Create the following files:
- `phishing.html` – Your fake login form (customized)
- `login_details.php` – Script to capture and store credentials
3. In your HTML, **ensure the `` action points to**:
4. Customize the HTML as desired. You can copy source code of real login pages via:
- Right-click → View Page Source → Copy → Modify for phishing.html
---
## ⚠️ Warning & Legal Notice
This project is **strictly for educational purposes**. Hosting or using phishing pages to collect real user data without consent is illegal and unethical. Always practice responsible coding and penetration testing. Make sure to comply with all local laws and regulations.