AdvPhishing is a phishing tool which allows the user to access accounts on social media even if two-factor authentication is activated. AdvPhishing allows the user to gain the target’s username, password and latest one-time password (OTP) in real-time as the target is logging in. In addition to this the user can use AdvPhishing to obtain the target’s IP address. AdvPhishing is available on both Android and Linux.
AdvPhishing: OTP Bypass Phishing Tool
Before using AdvPhishing, the user is required to allow the target to access the local server using ‘ngrok’. ngrok will generate a token which the user must import into his local machine. Further details are available at the ngrok website.
After starting AdvPhishing, the user must select the target website from 15 different options. These options include popular websites such as Facebook, Instagram, Netflix and many more. After selecting the website, the tool will automatically download the prerequisite requirements for the website and wait for the ’ngrok’ tunnel to be activated. After the tunnel has been activated, a link will be generated which must be sent to the target. Once the link has been accessed, the target will see a clone version of the website where the target will naturally enter their confidential information and OTP.
Features:
- Produces life-like versions of popular websites.
- 15 different websites included in the current release.
- Easy to use
Tested on:
- Kali Linux – 2020.1a (version)
- Parrot OS – Rolling Edition (version)
- Ubuntu – 18.04 (version)
- Arch Linux
- Termux App
Requirements:
- sudo
- php
- apache2
- ngrok Token
AdvPhishing Install
Linux
Clone the GitHub repo:
$ git clone https://github.com/Ignitetch/AdvPhishing.git
Navigate to the working directory and install AdvPhishing with its prerequisite requirements:
$ cd AdvPhishing/
$ chmod +x setup.sh
$ sudo ./setup.sh
Kali and Termux (Android)
Clone the GitHub repo:
$ git clone https://github.com/Ignitetch/AdvPhishing.git
Navigate to the working directory and install AdvPhishing with its prerequisite requirments:
$ cd AdvPhishing/
$ chmod 777 setup.sh
$ ./setup.sh
Usage
To run, enter the following command:
$ sudo ./AdvPhishing.sh
███████ ██████ ██ ██ ██████ ██ ██ ██ ███████ ██ ██ ██ █ ██ ██ ██ █ ██ ██ ██ ██ ███████ ██ ██ ██ ██ ███ ██████ ███████ ██ ███████ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██████ ████ ██ ██ ██ ██ ███████ ██████████████████████████████ OTP BYPASS PHISHING TOOL [v 1.0] [ Follow on Github :- https://github.com/Ignitetch ] ------------------------------------------------------------------- SELECT ANY ATTACK --------------------- > > >
[01] Zomato-TF0 [09] Instagram-Followers [99] Exit
[02] Facebook-TFO [10] Amazon-TFO
[03] Instagram-TFO [11] WhatsApp-TFO
[04] Uber Eats-TFO [12] Linkedin-TFO
[05] OLA-TFO [13] Hotstar-TFO
[06] Google-TFO [14] Spotify-TFO
[07] Paytm-TFO [15] Github-TFO
[08] Netflix-TFO [16] IPFinder
[+] Enter Your Choice :
Example:
███████ ██████ ██ ██ ██████ ██ ██ ██ ███████ ██ ██ ██ █ ██ ██ ██ █ ██ ██ ██ ██ ███████ ██ ██ ██ ██ ███ ██████ ███████ ██ ███████ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██████ ████ ██ ██ ██ ██ ███████ ██████████████████████████████ OTP BYPASS PHISHING TOOL [v 1.0] [ Follow on Github :- https://github.com/Ignitetch ] ------------------------------------------------------------------- --------------------------- // [ Send This Link to Victim ] //
http://9bc643be.ngrok.io
http://9bc643be.ngrok.io // [ CREDENTIAL ] //
email=username
pass=password
approvals_code=123456