FiercePhish – Phishing Framework To Manage All Phishing Engagements

FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more. The features will continue to be expanded and will include website spoofing, click tracking, and extensive notification options.

 

Note: This tool is used only for educational purpose. We are not responsible for any damage that you cause.

 

System Requirements

  • Ubuntu 14.04 / 16.04 / 16.10
  • SMTP
  • IMAP
  • FiercePhish
  • Domain name (to send emails from)

 

This isn’t required, but it is heavily suggested. Phishing campaigns where you spoof an active domain you don’t own are extremely susceptible to being spam filtered (unless the domain’s SPF record is improperly configured). The best way to perform a phishing campaign is by buying a generic domain that can fool someone (“yourfilehost.com”) or a domain that is very similar to a real domain (“microsoft-secure.com”).

 

Installation –  Way 1 (by using remote curl download)

 

This method is probably the easiest way to install/configure everything. It is a fully unattended installation (aside from the beginning).

Step 1: You must run the installer as root:

sudo su

 

Step 2: Generate the configuration file:

curl https://raw.githubusercontent.com/Raikia/FiercePhish/master/installer.sh | bash

 

Step 3: This will create a configuration file located at “~/fiercephish.config“. You must edit this file before moving on!

Step 4: Once “CONFIGURED=true” is set in the configuration file, re-run the install script:

curl https://raw.githubusercontent.com/Raikia/FiercePhish/master/installer.sh | bash

Note: The installation could take anywhere from 5-15 minutes depending on your server’s download speed.

Step 5: Once the installation completes, follow the instructions it prints out. It will tell you what DNS entries to set.

 

Installation – Way 2 ( by using local installation run)

This method is just as easy as way 1, but the install will prompt you as it runs for the information it requires (as opposed to using a configuration file like way 1).

Step 1: You must run the installer as root:

sudo su

 

Step 2: Download the configuration file:

wget https://raw.githubusercontent.com/Raikia/FiercePhish/master/installer.sh

 

Step 3: Set the installer as executable:

chmod +x installer.sh

 

Step 4: Run the installer:

./installer.sh

The installer will prompt you for the same information as is described in the configuration file for way 1 . See that wiki page for information on what to provide.

Note: The installation could take anywhere from 5-15 minutes depending on your server’s download speed. It will prompt you periodically, so make sure you pay attention. If you want to hit install and go afk, use way 1

Step 5: Once the installation completes, follow the instructions it prints out. It will tell you what DNS entries to set.

 

Download now – FiercePhish

Related posts

How to Improve Your Cyber Resilience by Strengthening User Privileges

The Dark Side of Viral Content: How Negative Reviews Can Snowball

Testing Gaming Monetization: Walking the Line Between Profit and Player Experience