Thief Raccoon is a instrument designed for academic functions to show how phishing assaults will be carried out on numerous working techniques. This instrument is meant to lift consciousness about cybersecurity threats and assist customers perceive the significance of safety measures like 2FA and password administration.
Options
- Phishing simulation for Home windows 10, Home windows 11, Home windows XP, Home windows Server, Ubuntu, Ubuntu Server, and macOS.
- Seize person credentials for academic demonstrations.
- Customizable login screens that mimic actual working techniques.
- Full-screen mode to boost the phishing simulation.
Set up
Stipulations
- Python 3.x
- pip (Python bundle installer)
- ngrok (for exposing the native server to the web)
Obtain and Set up
- Clone the repository:
“`bash git clone https://github.com/davenisc/thief_raccoon.git cd thief_raccoon
- Set up python venv
“`bash apt set up python3.11-venv
- Create venv:
“`bash python -m venv raccoon_venv supply raccoon_venv/bin/activate
- Set up the required libraries:
“`bash pip set up -r necessities.txt
Utilization
- Run the principle script:
“`bash python app.py
- Choose the working system for the phishing simulation:
After working the script, you may be introduced with a menu to pick the working system. Enter the quantity comparable to the OS you wish to simulate.
- Entry the phishing web page:
In case you are on the identical native community (LAN), open your net browser and navigate to http://127.0.0.1:5000.
If you wish to make the phishing web page accessible over the web, use ngrok.
Utilizing ngrok
- Obtain and set up ngrok
Obtain ngrok from ngrok.com and observe the set up directions to your working system.
-
Expose your native server to the web:
-
Get the general public URL:
After working the above command, ngrok will offer you a public URL. Share this URL together with your take a look at topics to entry the phishing web page over the web.
Find out how to set up Ngrok on Linux?
- Set up ngrok through Apt with the next command:
“`bash curl -s https://ngrok-agent.s3.amazonaws.com/ngrok.asc | sudo tee /and so on/apt/trusted.gpg.d/ngrok.asc >/dev/null && echo “deb https://ngrok-agent.s3.amazonaws.com buster foremost” | sudo tee /and so on/apt/sources.checklist.d/ngrok.checklist && sudo apt replace && sudo apt set up ngrok
- Run the next command so as to add your authtoken to the default ngrok.yml
“`bash ngrok config add-authtoken xxxxxxxxx–your-token-xxxxxxxxxxxxxx
Deploy your app on-line
-
Put your app on-line at ephemeral area Forwarding to your upstream service. For instance, whether it is listening on port http://localhost:8080, run:
“`bash ngrok http http://localhost:5000
Instance
- Run the principle script:
“`bash python app.py
- Choose Home windows 11 from the menu:
“`bash Choose the working system for phishing: 1. Home windows 10 2. Home windows 11 3. Home windows XP 4. Home windows Server 5. Ubuntu 6. Ubuntu Server 7. macOS Enter the variety of your alternative: 2
- Entry the phishing web page:
Open your browser and go to http://127.0.0.1:5000 or the ngrok public URL.
Disclaimer
This instrument is meant for academic functions solely. The creator is just not chargeable for any misuse of this instrument. At all times get hold of express permission from the proprietor of the system earlier than conducting any phishing exams.
License
This challenge is licensed underneath the MIT License. See the LICENSE file for particulars.
ScreenShots
Credit
Developer: @davenisc Net: https://davenisc.com
