maskphish
Introducing "URL Making Technology" to the world for the very FIRST TIME. Give a Mask to Phishing URL like a PRO.. A MUST have tool for Phishing.
Top Related Projects
An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !
Open-Source Phishing Toolkit
The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.
Quick Overview
MaskPhish is a simple bash script designed to hide phishing URLs behind legitimate-looking URLs. It's primarily used for educational purposes and penetration testing, allowing users to create masked links that can potentially bypass spam filters and appear more trustworthy to targets.
Pros
- Easy to use with a simple command-line interface
- Supports multiple URL shortening services
- Can generate QR codes for masked links
- Lightweight and doesn't require complex dependencies
Cons
- Can be misused for malicious purposes
- Limited customization options
- Relies on third-party URL shortening services
- May not work if URL shortening services change their APIs or become unavailable
Getting Started
To use MaskPhish, follow these steps:
-
Clone the repository:
git clone https://github.com/jaykali/maskphish.git
-
Navigate to the MaskPhish directory:
cd maskphish
-
Make the script executable:
chmod +x maskphish.sh
-
Run the script:
./maskphish.sh
-
Follow the prompts to enter your phishing URL and choose a masking domain.
Note: Use this tool responsibly and only for authorized testing purposes. Phishing and social engineering attacks are illegal without proper consent.
Competitor Comparisons
An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !
Pros of zphisher
- More comprehensive phishing toolkit with 30+ templates
- Includes tunneling options (Cloudflared, Ngrok, Localhostrun)
- Active development with frequent updates
Cons of zphisher
- Larger codebase, potentially more complex to use
- May require more setup and dependencies
Code Comparison
maskphish:
url_checker() {
if [ ! "${1//:*}" = http ]; then
if [ ! "${1//:*}" = https ]; then
echo -e "\e[31m[!] Invalid URL. Please use http or https.\e[0m"
exit 1
fi
fi
}
zphisher:
tunnel_menu() {
if [[ -e ".cld.log" ]]; then
rm -rf ".cld.log"
fi
printf "\n${RED}[${WHITE}-${RED}]${GREEN} Select a tunneling option:\n"
printf "${CYAN}[${WHITE}01${CYAN}]${YELLOW} Localhost\n"
printf "${CYAN}[${WHITE}02${CYAN}]${YELLOW} Ngrok\n"
printf "${CYAN}[${WHITE}03${CYAN}]${YELLOW} Cloudflared\n"
read -p "${RED}[${WHITE}-${RED}]${GREEN} Select a option: ${BLUE}"
}
Open-Source Phishing Toolkit
Pros of Gophish
- More comprehensive phishing simulation platform
- Supports email campaigns, landing pages, and user management
- Active development with regular updates and community support
Cons of Gophish
- More complex setup and configuration required
- Steeper learning curve for beginners
- Requires more resources to run (database, web server)
Code Comparison
Maskphish (URL masking):
echo -e "\n${RED}[${WHITE}+${RED}]${GREEN} Masking Domain ${RED}[${WHITE}+${RED}]${CYAN}"
echo -e ${BLUE}
read -p "Enter Phishing URL: " phish
short=$(curl -s https://is.gd/create.php\?format\=simple\&url\=${phish})
shorter=${short#https://}
Gophish (campaign creation):
campaign := models.Campaign{
Name: c.Name,
UserId: c.UserId,
Template: c.Template,
Page: c.Page,
SMTP: c.SMTP,
URL: c.URL,
LaunchDate: c.LaunchDate,
SendByDate: c.SendByDate,
Groups: c.Groups,
ResultsEmail: c.ResultsEmail,
}
While Maskphish focuses on URL masking for phishing links, Gophish provides a more comprehensive platform for creating and managing phishing campaigns. Gophish offers greater flexibility and features but requires more setup and resources. Maskphish is simpler to use but limited in scope compared to Gophish's full-fledged phishing simulation capabilities.
The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.
Pros of Social-Engineer-Toolkit
- More comprehensive toolset for various social engineering attacks
- Actively maintained with regular updates and contributions
- Supports multiple attack vectors and customization options
Cons of Social-Engineer-Toolkit
- Steeper learning curve due to its extensive features
- Requires more setup and dependencies
- May be overkill for simple phishing tasks
Code Comparison
MaskPhish (URL masking):
echo -e "\n${RED}[${WHITE}+${RED}]${GREEN} Enter Phishing URL (with http or https): ${BLUE}"
read phish
url_checker $phish
Social-Engineer-Toolkit (Phishing module):
if attack_vector == "1":
sys.path.append("src/webattack/web_clone/")
try:
module_reload(clone)
except:
import clone
Both tools focus on phishing, but Social-Engineer-Toolkit offers a broader range of attack vectors and more sophisticated options. MaskPhish is simpler and specifically designed for URL masking, while Social-Engineer-Toolkit provides a comprehensive framework for various social engineering techniques.
Convert designs to code with AI
Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.
Try Visual CopilotREADME
ð¨âð»ï¸ Author : jaykali
ð¥ MaskPhish
MaskPhish is not any Phishing tool. It's just a proof of concept of "URL Making Technology". It is a simple Bash Script to hide phishing URL under a normal looking URL (google.com or facebook.com). It can be integrated into Phishing tools (with proper credits) to look the URL ledgit.
âï¸ Legal Disclaimer:
FOR EDUCATIONAL PURPOSES ONLY
Usage of MaskPhish for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program. Use Responsibly!
Common Issue
Sometimes Masked link is not generating properly. In that case we need to use VPN/proxy, then use maskphish to generate masked link.
ð» Installation
# Clone the repository
git clone https://github.com/jaykali/maskphish
# Enter into the directory
cd maskphish
# Run the script
bash maskphish.sh
- Tested on Kali Linux, Termux & Ubuntu
- Detailed Article can be found here
- Want to discuss something? Start discussions click here
ð¼ï¸ Screenshot
â¤ï¸ Contributors:
You can propose a feature request opening an issue or a pull request. Here is a list of MaskPhish contributors:
Top Related Projects
An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !
Open-Source Phishing Toolkit
The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.
Convert designs to code with AI
Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.
Try Visual Copilot