PhishLulz is a Ruby toolset aimed at automating phishing activities.
- PhishingFrenzy (https://github.com/pentestgeek/phishing-frenzy)
- BeEF (https://github.com/beefproject/beef)
PhishLulz comes with its own self-signed CA: this is needed to generate self-signed certs for the PhishingFrenzy admin UI. You will also find a bunch of cool phishing templates (which are not in PF) that you can quickly re-use in your scenarios.
- Amazon AWS account (see main config.yaml)
- Non-Winzozz OS (path separators are hardcoded on purpose so that it is not compatible with Winzozz)
- ssh, scp, openssl in PATH
- Sane Ruby environment (RVM suggested). Install the required gems with: gem install sinatra thin watir-webdriver headless colorize datamapper dm-sqlite-adapter dm-timestamps dm-migrations fog nokogiri mail net-ssh --no-rdoc --no-ri
- Gecko/Chrome drivers
- phish_lulz: main script to start/stop phishing instances
- tools/find_resources: multi-threaded subdomain discovery and fingerprinting tool
- tools/mailboxbug: multi-threaded webmail data extruder
- tools/mail_parser: simple script to extract html/txt from an .eml email file
- namecheap_wrapper: WIP for automated domain registration (automatic domain registration is still TODO; however, you can play with the almost-working code for the NameCheap registrar)
PhishLulz AWS AMI:
- MySQL root user: phishlulz_mysql
- PhishingFrenzy admin user: phishlulz_frenzy
- BeEF beef user: phishlulz_beef
```
cd /var/www/phishing-frenzy && RAILS_ENV=production rails console
admin = Admin.first
admin.password = "newpasswd"
admin.email = "newemail"
admin.save!
exit
```
Finally, make sure the MailBoxBug data extrusion domain has a valid HTTPS certificate.