Watch the same as video : CLICK HERE
Have you seen these messages popping up in your mail inbox or as forwarded messages in
your whatsapp claiming free likes and followers for your social media accounts or get a chance
to win a free iphone. If you have ignored them and if not here comes the real problem,you click on the link and go to their website and you provide your credentials there and end up being here. No matter how hard your password is to crack hacker is still being able to get it, and that's because you are the one actually entering it by yourself.
This way of stealing user's credentials iscalled phishing.
Phishing is the most popular social engineering attack.Now in this video i am going to show you the complete process of a social engineering attack from start to finish, How it actually happens.There are many pre-build tools available on the internet to perform phishing attacks .As of now i am using the advance phishing tool.Click the link given in the description or search advance phishing github. Now copy the code.Now create a directory on the desktop,now using the gitclone command create a clone of the github repository on the desktop. After cloning you will find a file with the name setup.sh. Now make this file executable using the command.
Now run the file.
It will ask you for a ngrok authentication token. Now create an account in the ngrok and you can find the authtoken in the authentication secution. Now run the file. You can select any number of your choice and make a clone of it .As of now i am selecting facebook(2).
You can use any of the link and send it to the victim.
Whenever the victim clicks on the link and enters username and password through the phishing
link they appear in the terminal. Now any person with the basic knowledge of internet can identify that it is not a genuine website by looking at the url of the page.There is a tool called dnstwist which will generate phishing domains. Phishing domains are the domains which look similar to the original domain but with minute changes. Generally most of the victims cannot identify the difference between original domain and a phishing domain.
Now to use the dnstwist tool click on the link given in the description. Now copy the code and create a directory on the desktop and clone the dnstwist tool using gitclone.
Since i have already cloned the tool in my machine let's execute the file dnstwist.py using this command .Now it's time to find a convincing domain from the list and check the availability of the domain and perform the attack.
Share and follow our blog.
![Whatsapp Hacking [ without touching the victim's phone ]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgy_sVsls4Xe3xHMR0I4KV1Zud7YExlVFMYmdhbUn2O0ujjK5F46FGhyQL5vrf-hZOLhKfpwI711-pPjAoV5nDFmViiaop_Gpii4ymALTESnWDofpcHxPY4zas0rwC6TB34J2YvksK3KE0/w680/5d5afc65771232b3a5cc29b23ef7773e.jpg)
0 Comments