• Join CraxPro and earn real money through our Credit Rewards System. Participate and redeem credits for Bitcoin/USDT. Start earning today!
    Read the detailed thread here

Method/TUT [Tutorial] Phishing Framework + 2FA

Currently reading:
 Method/TUT [Tutorial] Phishing Framework + 2FA

Wove

Member
LV
1
Joined
Aug 31, 2023
Threads
4
Likes
7
Awards
3
Credits
361©
Cash
0$
Phishing Framework for Noobs + 2FA (Advanced)

As the title says I'll tell you a quick install phishing framework that works well for beginners.

Prerequisites: BASIC html and php knowledge and a functioning brain.

The framework is called GoPhish : https://getgophish.com/ , the key here is that you can setup phishing campaign,templates and more from a single web interface. You can install it on Windows, Mac, and Linux just download and install the
latest release on git (https://github.com/gophish/gophish/releases/).

This "web-platform" has also mail feedback support , it means that each user phished , each log will be sent to your email and with the email you want.

This is in my opinion a very easy and well made phishing framework for anybody who just want to start and learn with this.

Creating landing pages and templates for your phishing campaign is as easy as doing it from a web-interface.

My advice here is to host this on your localhost , or on a VPS.

Now the 2FA Phishing

Prerequisites here: Linux,bit of networking,and of course a functioning brain

So now I'll guide you throw basic for phishing 2FA along with cookies.

Many of you will already know this tool , our key software here is evilginx.

Here is the git page of the software: https://github.com/kgretzky/evilginx2 , basically this is a "man-in-the-middle attack framework used for phishing login credentials along with session cookies".

For the installation just check the git README , you will need a linux VPS for hosting and a DNS for better looking results.

Evilginx also offer pre-made templates for phishing 2FA on facebook,linkedin,office365 and more, you can find the templates here: https://github.com/kgretzky/evilginx2/tree/master/phishlets

Remember that phishing here will give you all the auth tokens of the user plus the user,password,ip,user agent and usual things so you have the full "identity" of the user.

Hope with this i've helped someone , if you have any question write them down here.
 
  • Like
Reactions: fognayerku

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Tips
Top Bottom