# ignitetch/advphishing

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/ignitetch-advphishing).**

3,112 stars · 818 forks · Hack

## Links

- GitHub: https://github.com/Ignitetch/AdvPhishing
- awesome-repositories: https://awesome-repositories.com/repository/ignitetch-advphishing.md

## Topics

`advancephishing` `amazone-tfo` `facebook-otp` `google-otp` `hotstar-phishing` `informationgathering` `iplocator` `latest-phishing` `linkedin-otp` `ola-phishing` `otp-phishing` `otp-verification` `otpbypass` `paytm-otp` `paytm-phishing` `phishing` `tiktok-phishing` `ubereats-phishing` `whatsapp-otp` `zomato-phishing`

## Description

AdvPhishing is a tool for social engineering simulations and credential harvesting testing. It generates deceptive web interfaces, including cloned service provider pages and pre-made layouts that mimic payment and social media platforms, to capture user login details.

The tool manages the end-to-end deployment of phishing campaigns by routing captured credentials to a specified email address via an integrated SMTP mail delivery mechanism. It includes utilities for exposing a local development server to the public internet through secure tunneling and redirects users to legitimate third-party destinations after data capture to hide deceptive activity.

Broad capabilities cover deceptive page generation, mail identity configuration for data exfiltration, and network traffic management.

## Tags

### Security & Cryptography

- [Credential Harvesting Simulations](https://awesome-repositories.com/f/security-cryptography/credential-harvesting-simulations.md) — Mimics login portals to test organizational susceptibility to credential theft and phishing.
- [Data Exfiltration Tools](https://awesome-repositories.com/f/security-cryptography/data-exfiltration-tools.md) — Provides an integrated SMTP mechanism to exfiltrate captured credentials to a remote recipient.
- [Web Form Credential Captures](https://awesome-repositories.com/f/security-cryptography/identity-access-management/credential-lifecycle-management/credential-security/credential-extraction-utilities/network-credential-capturers/remote-service-credential-captures/web-form-credential-captures.md) — Captures login details directly from deceptive web pages for transmission to an email address. ([source](https://github.com/Ignitetch/AdvPhishing/blob/master/README.md))
- [Social Engineering Simulations](https://awesome-repositories.com/f/security-cryptography/social-engineering-simulations.md) — Creates deceptive login and landing sites to simulate and test human vulnerabilities in security.
- [Phishing Page Generators](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing/web-application-penetration-testing/phishing-page-generators.md) — Creates realistic, deceptive login interfaces used to simulate credential harvesting attacks. ([source](https://github.com/Ignitetch/AdvPhishing/blob/master/secnhack))

### Part of an Awesome List

- [Data Exfiltration](https://awesome-repositories.com/f/awesome-lists/security/data-exfiltration.md) — Employs techniques to move captured sensitive credentials out of the network via email. ([source](https://github.com/Ignitetch/AdvPhishing#readme))

### Data & Databases

- [Event Capture](https://awesome-repositories.com/f/data-databases/event-capture.md) — Intercepts form submission events to extract user-inputted data for credential harvesting.

### Development Tools & Productivity

- [Phishing Campaign Orchestrators](https://awesome-repositories.com/f/development-tools-productivity/email-delivery-services/phishing-campaign-orchestrators.md) — Coordinates the deployment of deceptive pages and the routing of captured data in security simulations.

### User Interface & Experience

- [Deceptive Pages](https://awesome-repositories.com/f/user-interface-experience/page-layout-templates/deceptive-pages.md) — Generates deceptive web interfaces using pre-defined layouts to trick users into revealing data.

### Networking & Communication

- [Local Server Tunnels](https://awesome-repositories.com/f/networking-communication/local-server-tunnels.md) — Exposes a local development server to the public internet via a secure tunnel.
- [Automatic Traffic Redirection Handlers](https://awesome-repositories.com/f/networking-communication/traffic-redirection-tools/automatic-traffic-redirection-handlers.md) — Implements application-layer redirection to forward users to a legitimate site after a phishing request. ([source](https://github.com/Ignitetch/AdvPhishing/blob/master/post.php))

### Web Development

- [Phishing Templates](https://awesome-repositories.com/f/web-development/custom-template-tags/phishing-templates.md) — Provides pre-made HTML and CSS layouts that mimic popular social media and payment platforms. ([source](https://github.com/Ignitetch/AdvPhishing/tree/master/sites))
- [Service Provider Clones](https://awesome-repositories.com/f/web-development/html-templating-engines/phishing-page-generators/service-provider-clones.md) — Generates cloned login pages for various service providers to deceive users into submitting credentials. ([source](https://github.com/Ignitetch/AdvPhishing#readme))
- [URL Redirections](https://awesome-repositories.com/f/web-development/url-routing/redirection-rules/geographic-redirection/url-redirections.md) — Redirects users to legitimate third-party URLs after data capture to mask deceptive activity.