Blackphish – Phishing tool in Kali Linux

Blackphish is a powerful open-source Phishing Tool. Blackphish is becoming very popular nowadays , that is used to do phishing attacks on Target. Blackphish is easier than Social Engineering Toolkit.  Blackphish contains some templates generated by another tool. Blackphish offers phishing templates web pages for 6 popular sites such as Facebook, Instagram, Google, Snapchat etc. This tool is very helpful for performing phishing attacks.

BlackPhish

Compatibility:

   1.Ubuntu 18.04.1 (Tested)

   2.Kali Linux 2019.4 (Tested)

   3.Any Debian/Ubuntu based OS(should work)

Requirements:

   1.Compatible System

   2.Python3

   3.PHP

   4.Apache2

   5.npm
 

Installation:

Step 1: To install the tool first move to desktop and then install the tool using the following commands.

cd Desktop
git clone https://github.com/iinc0gnit0/BlackPhish

Step 2:  Now move to the directory of the tool using the following command. Then install the tool using the following command.

cd Blackphish
sudo bash install.sh

Step 3: The tool has been installed in your system. Now to run the tool use the following command.

sudo python3 blackphish.py

Step 4: Now you can see various options here. Suppose you want to create a phishing page for Instagram so type 1 and press enter.

Step 5:  Now it will list 4 tunneling option. You can choose an option according to your requirement. Lets choose option 3.

Further steps will show you how it will look from the victim side.

Step 6: Copy the IP address and past it in the browser.

Step 7: When the victim will enter the credential , it will be reflected in the terminal of the attacker.

You can update the tool by executing following command:

sudo bash update.sh

You can also install this tool on Windows :

https://www.apachefriends.org/xampp-files/8.0.6/xampp-windows-x64-8.0.6-0-VS16-installer.exe
run the installer

https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-windows-amd64.zip
extract the zip and place the ngrok.exe in Windows dir

So, now you know how this tool work . You can try other webpage templates of this tool in the same way.

Disclaimer:

This tool was created with educational objectives in mind. This shows how phishing operates. You can try this at your own risk if you wish to acquire unauthorized access to someone’s social media. You are responsible for your own actions and accountable for any legal infringement or damage caused by this tool.