Phishing

Thief Raccoon – A Comprehensive Guide To Simulating Phishing Attacks For Cybersecurity Education

Thief Raccoon is a tool designed for educational purposes to demonstrate how phishing attacks can be conducted on various operating systems.

This tool is intended to raise awareness about cybersecurity threats and help users understand the importance of security measures like 2FA and password management.

Features

  • Phishing simulation for Windows 10, Windows 11, Windows XP, Windows Server, Ubuntu, Ubuntu Server, and macOS.
  • Capture user credentials for educational demonstrations.
  • Customizable login screens that mimic real operating systems.
  • Full-screen mode to enhance the phishing simulation.

Installation

Prerequisites

  • Python 3.x
  • pip (Python package installer)
  • ngrok (for exposing the local server to the internet)

Download And Install

  1. Clone the repository:
git clone https://github.com/davenisc/thief_raccoon.git
cd thief_raccoon

2. Install python venv

apt install python3.11-venv

3. Create venv:

python -m venv raccoon_venv
source raccoon_venv/bin/activate

4. Install the required libraries:

pip install -r requirements.txt

Usage

  1. Run the main script:
python app.py

2. Select the operating system for the phishing simulation:After running the script, you will be presented with a menu to select the operating system. Enter the number corresponding to the OS you want to simulate.

3. Access the phishing page:If you are on the same local network (LAN), open your web browser and navigate. If you want to make the phishing page accessible over the internet, use ngrok.

Using ngrok

  1. Download and install ngrok

Download ngrok from ngrok.com and follow the installation instructions for your operating system.

  1. Expose your local server to the internet:
  2. Get the public URL:

After running the above command, ngrok will provide you with a public URL. Share this URL with your test subjects to access the phishing page over the internet.

For more information click here.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.

Recent Posts

Nixpacks : Streamlining Application Deployment With Nix And Docker

Nixpacks is an innovative tool designed to simplify the process of building and deploying applications…

1 hour ago

LabSync : Revolutionizing Collaboration In Laboratories And Reverse Engineering

LabSync is an innovative tool designed to enhance collaboration and efficiency in various laboratory and…

1 hour ago

Rig : A Tool For LLM-Powered Applications

Rig is a cutting-edge Rust library designed to facilitate the development of scalable, modular, and…

1 hour ago

CVE-2024-55591 : Fortinet FortiOS Authentication Bypass Vulnerability

CVE-2024-55591 is a critical authentication bypass vulnerability affecting Fortinet's FortiOS and FortiProxy systems. This flaw,…

1 hour ago

Draugr : Advanced Tools For Synthetic Stack Frame Manipulation

The Draugr toolset provides a robust framework for performing synthetic stack frame manipulation, primarily designed…

1 hour ago

Awesome-Red-Team-Operation : A Comprehensive Toolkit For Advanced Cybersecurity

The "Awesome-Red-Team-Operation" repository is a comprehensive collection of tools designed to support red team operations,…

3 hours ago