Open In App

We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy

Shellphish Tool in Kali Linux

Shellphish is a powerful open-source tool Phishing Tool. It became very popular nowadays that is used to do phishing attacks on Target. Shellphish is easier than Social Engineering Toolkit.  It contains some templates generated by another tool called SocialFish and offers phishing templates webpages for 18 popular sites such as Facebook, Instagram, Google, Snapchat, Github, Yahoo, Protonmail, Spotify, Netflix, LinkedIn, WordPress, Origin, Steam, Microsoft, etc. It also provides an option to use a custom template if someone wants. This tool makes it easy to perform a phishing attack. Using this tool you can perform phishing in (wide area network). This tool can be used to get credentials such as id, password.

Uses of Shellphish:



Shellphish tool can create phishing pages of most popular social networking sites like

Installation of shellphish in Kali Linux:



Step-by-step implementation:

Step 1: Open your Terminal on Kali Linux and move to Desktop

cd Desktop

Step 2: Create a new Directory i.e shellphish

mkdir shellphish

Step 3: On Terminal itself download and install shellphish in the above directory by the following command

git clone https://github.com/suljot/shellphish.git

Step 4: Finally to execute shellphish tool-type following command

./shellphish.sh

Congratulations you have installed shellphish tool in your Kali Linux machine. You can see you are getting multiple options here, for Instagram you are getting [01], for Facebook you are getting [02], and for multiple other sites you are getting other options.

For example, let’s type 1 and press enter .now you can see shellphish has created the URL https://8b992b4bc918.ngrok.io. Send this link to the target person through any medium (email, WhatsApp, text message). Once your target open this link and fill the respective phishing form and I’d and password will be shown below {waiting IPs and Credentials}

Once the victim opens the link, they will be able to see a page that will look exactly like the Instagram login page, and this will earn their trust. Once they have entered the credentials, HACKED! You will be able to see their username and password on your Kali Linux terminal. The victim will be now redirected to the original Instagram page.

Article Tags :
How To
Linux-Unix
Recommended Articles
1. Webkiller v2.0 - Tool Information Gathering tool in Kali Linux
2. Cewl Tool - Creating Custom Wordlists Tool in Kali Linux
3. Tool-X - Hacking Tool Installer in Kali Linux
4. Kali-Whoami - Stay anonymous on Kali Linux
5. Kali Linux - Password Cracking Tool
6. Sherlock - Hunt Username on Social Media Kali Linux Tool
7. Gasmask – Information Gathering Tool in Kali Linux
8. Knock - Subdomain Scanner Tool in Kali Linux
9. R3con1z3r – Lightweight Information Gathering Tool in Kali Linux
10. Auto Scanning to SSL Vulnerability - A2SV Tool in Kali Linux
11. Anubis - Subdomain enumeration and information gathering tool in Kali Linux
12. Fcrackzip Tool - Crack a Zip File Password in Kali Linux
13. Grim - Information Gathering Tool in Kali Linux
14. InfoSploit – Information Gathering Tool in Kali Linux
15. Legion Tool in Kali Linux
16. Installation of Wpscan Tool in Kali Linux
17. Sparta Tool in Kali Linux
18. Maltego Tool in Kali Linux
19. Hashcat Tool in Kali Linux
20. ClamAV and ClamTk Antivirus Scanner Tool for Kali Linux
21. Kali Linux - Cisco-Torch Tool
22. Gitrecon – OSINT Tool For Github in Kali Linux
23. Recon-ng Information gathering tool in Kali Linux
24. Slowloris DDOS Attack Tool in Kali Linux
25. Red Hawk - Information Gathering and Vulnerability Scanning Tool in Kali Linux