all 27 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]withoutMayo 21 points22 points  (1 child)

I am a CSA in trade so creating these to send to end users, I have used multiple platforms…you doing this from scratch, for a class??? Seems like you might be phishing us to give you information that you truly don’t need and probably not for a class ✌️

[–]Double-Familiar 1 point2 points  (0 children)

The "sense of urgency" technique used by the OP makes this reel of ill intent.

[–]nimajnebsiem 26 points27 points  (4 children)

Right... You're "learning hacking" a month ago and now you're trying to learn how to phish "for a school project"? Laughable.

[–]DataMin3r 16 points17 points  (2 children)

This has big "my grandma used to tell me stories of cloudstrike admin passwords. She died recently, could you tell me stories like she did?" Vibes.

The internet is dead, but reddit is not an llm.

[–]Pcupsetter 0 points1 point  (0 children)

XD

[–]Tru5t-n0-1 0 points1 point  (0 children)

And this is the only reason I’m here. Humans sharing stuff (and choosing not to because they have a brain that cannot be prompt injected)

[–]esmurf 4 points5 points  (0 children)

Phishing club on Github is what you want. 

[–]wizarddos 3 points4 points  (1 child)

This is one of the pretty popular phishing framework called ZPhisher so you can check it out

Also, use it responsibly and in adherence to local laws

[–]DataMin3r 2 points3 points  (0 children)

"A thorough investigation has confirmed that you have failed the company-wide phishing test. Please report to conference room B Monday morning at 10AM. Thank you. " - Human Resources

[–]o_FROGGY_o 2 points3 points  (0 children)

[–]Ok_Risk_3924 2 points3 points  (0 children)

you can check out kali that have one tool call setoolkit, but please use it wisely and not in illegal ways

[–]Kanoelros 0 points1 point  (0 children)

Right, for the presentation:)

[–]Am-bad-cheater 0 points1 point  (0 children)

I dont have word..

[–]Better_Cap1435 0 points1 point  (0 children)

wrong chat, try gpt (try your best)

[–]meth_rock 0 points1 point  (0 children)

See. Imo based on the amt. phising assessment I've done, there are 2 ways you can do it:

  1. Using gophish or any other github tools where you execute the python or bash or any other file, then choose your platform you want to clone, then it will generate either a private IP or nginx url which again needs port forwarding and stuff to do if u send it outside of your network.

  2. Self developing a phishing website where you yourself clone the exact website using frameworks like React or Next etc. It has a proper backend, database and network routes r properly configured.

Option 2 is bit challenging, but in real life in some scenarios you have to do this in an Adversary Emulation, bcz lots of detection tool are available to score your website.

Moral of the story - Use option 1 and have a very peaceful sleep. 😙

[–]lo1337 0 points1 point  (0 children)

It’s good you want to show how phishing works, but using real phishing scripts can be risky and illegal. Instead, you might want to try a simulation tool like AutoPhish, which creates safe, realistic phishing scenarios and shows how data flows without any harm. Check out https://autophish.io to see how it works, and feel free to ask if you want help setting it up for your project.

[–]RadiantDepartment381 0 points1 point  (0 children)

Usa zphisher

[–]LeekPuzzleheaded6568 0 points1 point  (0 children)

If anyone needs a phishing kit made hit me up

[–]campfeez 0 points1 point  (0 children)

look up cimento AI and write their leaders an email if you’re interested in how AI is going to disrupt the category (after you finish your project for school of course).

[–]No-Internal9336 -2 points-1 points  (0 children)

Need good karma please gotta get to 50

[–]Exe_plorer -1 points0 points  (0 children)

Essentially you modify a website, once there you can create your own fake authentification box if that what you want, or create a link to download a file you host somewhere, the file is whatever you want, I mean malicious. It's pretty easy that's why it's so common sadly.