WcamPhish is a method for capturing images of a target’s webcam or front camera on a phone. In order to create a link that we can send to the target over the internet, WcamPhish hosts a fake website on a PHP server that was custom-built.

If the target agrees, the website requests their camera permission, and this tool then takes pictures of the target’s device with that camera.


Two automatic web page templates are included in this tool to help you engage your target audience and learn more about them.

  • Festival Wishing
  • Live YouTube TV
  • Online Meeting [Beta]

simply enter the festival name or YouTube’s video ID

This Tool Tested On :

  • Kali Linux
  • Termux
  • MacOS
  • Ubuntu
  • Parrot Sec OS

Installation and requirements

This tool requires PHP for the webserver, SSH, or serveo link. First, run the following command on your terminal

apt-get -y install php openssh git wget

Installing (Kali Linux/Termux):

git clone

cd WcamPhish


Change Log:

Version: 1.5: Add new online meeting template

Version: 1.4: Ngrok auth token update

Version: 1.3: Fix ngrok direct link

WcamPhish was developed to help in penetration testing; it is not liable for any abuse or illicit uses.

Please consider following and supporting us to stay updated with the latest info

Published by Aman Mishra

Aman Mishra is a eJPT certified and always keen to learn new concepts and methodologies regarding cybersecurity.he is also a cyber security content writer and have passion for sharing my knowledge about the latest threads and trends in the industry.

Leave a comment

Your email address will not be published. Required fields are marked *