Security firm FireEye released a new phishing tool called ReelPhish that simplifies real-time phishing attacks. It is designed to be run on the attacker’s system and to control it by navigating the attacker’s web browser.
ReelPhish consists of two components: the phishing site handling code and this script. The phishing site can be designed as desired. Sample PHP code is provided in /examplesitecode. The sample code will take a username and password from an HTTP POST request and transmit it to the phishing script.
The phishing script listens on a local port and awaits a packet of credentials. Once credentials are received, the phishing script will open a new web browser instance and navigate to the desired URL (the actual site where you will be entering a user’s credentials). Credentials will be submitted by the web browser.
The recommended way of handling communication between the phishing site and this script is by using a reverse SSH tunnel. This is why the example PHP phishing site code submits credentials to localhost:2135.
ReelPhish supports multiple authentication pages. For example, in some cases a two-factor authentication code may be requested on a second page. To implement this feature, be sure that --numpages is set to the number of authentication pages. Also be sure that the session ID is properly tracked on your phishing site. The session ID is used to track users as they proceed through each step of authentication.
In some cases, you may need to scrape specific content (such as a challenge code) from a particular authentication page. Example code, commented out, is provided in ReelPhish.py to perform a scraping operation.
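Because the credentials are submitted by the browser on the attacker's system, the real site sees each phished account complete every authentication page from that one source. The following is an added example, not code from ReelPhish or from the original article: a defender-side check over a constructed authentication log, where the log layout, the step names "password" and "otp", and the thresholds are all assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of the real site's authentication log (assumed layout):
# (timestamp, source IP, account, authentication step that succeeded)
SAMPLE_LOG = [
    ("2024-05-01T09:00:05", "198.51.100.7", "alice", "password"),
    ("2024-05-01T09:00:31", "198.51.100.7", "alice", "otp"),
    ("2024-05-01T09:04:12", "198.51.100.7", "bob", "password"),
    ("2024-05-01T09:04:40", "198.51.100.7", "bob", "otp"),
    ("2024-05-01T09:09:02", "198.51.100.7", "carol", "password"),
    ("2024-05-01T09:09:25", "198.51.100.7", "carol", "otp"),
    ("2024-05-01T09:10:00", "203.0.113.20", "dave", "password"),
    ("2024-05-01T09:10:20", "203.0.113.20", "dave", "otp"),
    ("2024-05-01T13:00:00", "203.0.113.20", "erin", "password"),
    ("2024-05-01T13:00:30", "203.0.113.20", "erin", "otp"),
]

REQUIRED_STEPS = {"password", "otp"}  # assumed two-page login flow


def shared_source_logins(events, min_accounts=3, window_minutes=30):
    """Return {ip: sorted accounts} for source IPs that completed every
    authentication step for at least min_accounts distinct accounts
    inside one window_minutes-long window."""
    window = timedelta(minutes=window_minutes)
    steps = defaultdict(set)       # (ip, account) -> steps seen so far
    completed = defaultdict(list)  # ip -> [(completion time, account)]
    for ts, ip, account, step in sorted(events):
        steps[(ip, account)].add(step)
        if steps[(ip, account)] == REQUIRED_STEPS:
            completed[ip].append((datetime.fromisoformat(ts), account))
            steps[(ip, account)].clear()  # start fresh for the next login
    flagged = {}
    for ip, logins in completed.items():
        for start, _ in logins:
            accounts = {a for t, a in logins if start <= t <= start + window}
            if len(accounts) >= min_accounts:
                flagged[ip] = sorted(accounts | set(flagged.get(ip, [])))
    return flagged


if __name__ == "__main__":
    for ip, accounts in shared_source_logins(SAMPLE_LOG).items():
        print(f"{ip}: full logins for {', '.join(accounts)}")
```

Shared egress addresses such as a corporate NAT or VPN produce the same pattern, so a hit is a lead to compare against each account's usual sources rather than a verdict.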