Stars: 457
Forks: 111
Pull Requests: 5
Issues: 44
Watchers: 11
Last Updated: 2023-06-14 16:26:59
SniperPhish - The Web-Email Spear Phishing Toolkit
License: MIT License
Languages: PHP, JavaScript, CSS
SniperPhish (SP in short) is a phishing toolkit for pentester or security professionals to enhance user awareness by simulating real-world phishing attacks. SniperPhish helps to combine both phishing emails and phishing websites you created to centrally track user actions. The tool is designed in a view of performing professional phishing exercise and would be reminded to take prior permission from the targeted organization to avoid legal implications.
Default login - Username:
admin
Password:sniperphish
In short, we create web tracker -> Add the web tracker to the phishing website -> create mail campaign with a link pointing to the phishing website -> start mail campaign.
Web Tracker -> New Tracker
for your phishing site. The "Web Pages" tab lists the pages you want to track.
Email Campaign -> User Group
and add target usersEmail Campaign -> Sender List
and configure Mail server detailsEmail Campaign -> Email Template
and create mail template. Here, you can to link your phishing website based on the web tracker you created. For that, click on Insert
menu from email template editor and chose Link to Web Tracker
. Select your web tracker from the pop-up window and insert it.Email Campaign -> Campaign List -> New Mail Campaign
and select/fill the fields to create the campaign.Note: SniperPhish tracks your phishing website only if the page is called by appending rid
parameter (ie. ?rid={{RID}}
) at the end. For example opening http://yourphishingsite.com/login?rid=abcd
will be tracked, but not http://yourphishingsite.com/login
. Above 3rd step does this by default.
Go to Web-MailCamp Dashboard -> Select Campaign
. Then select the web tracker and email campaign you created.
Joseph Nygil (@j_nygil) and Sreehari Haridas (@sr33h4ri)
Join on our SniperPhish discord community to engage with us!
If this project help you 'Phish', you can give me a cup of coffee :)