Convert Figma logo to code with AI

jaykali logomaskphish

Introducing "URL Making Technology" to the world for the very FIRST TIME. Give a Mask to Phishing URL like a PRO.. A MUST have tool for Phishing.

2,381
320
2,381
1
View on GitHub

Top Related Projects

htr-tech's avatar

zphisher

11,081

An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !

gophish's avatar

gophish

11,203

Open-Source Phishing Toolkit

trustedsec's avatar

social-engineer-toolkit

10,692

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

Quick Overview

MaskPhish is a simple bash script designed to hide phishing URLs behind legitimate-looking URLs. It's primarily used for educational purposes and penetration testing, allowing users to create masked links that can potentially bypass spam filters and appear more trustworthy to targets.

Pros

  • Easy to use with a simple command-line interface
  • Supports multiple URL shortening services
  • Can generate QR codes for masked links
  • Lightweight and doesn't require complex dependencies

Cons

  • Can be misused for malicious purposes
  • Limited customization options
  • Relies on third-party URL shortening services
  • May not work if URL shortening services change their APIs or become unavailable

Getting Started

To use MaskPhish, follow these steps:

  1. Clone the repository:

    git clone https://github.com/jaykali/maskphish.git

  2. Navigate to the MaskPhish directory:

    cd maskphish

  3. Make the script executable:

    chmod +x maskphish.sh

  4. Run the script:

    ./maskphish.sh

  5. Follow the prompts to enter your phishing URL and choose a masking domain.

Note: Use this tool responsibly and only for authorized testing purposes. Phishing and social engineering attacks are illegal without proper consent.

Competitor Comparisons

htr-tech logo

zphisher

11,081

An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !

Pros of zphisher

  • More comprehensive phishing toolkit with 30+ templates
  • Includes tunneling options (Cloudflared, Ngrok, Localhostrun)
  • Active development with frequent updates

Cons of zphisher

  • Larger codebase, potentially more complex to use
  • May require more setup and dependencies

Code Comparison

maskphish:

url_checker() {
    if [ ! "${1//:*}" = http ]; then
        if [ ! "${1//:*}" = https ]; then
            echo -e "\e[31m[!] Invalid URL. Please use http or https.\e[0m"
            exit 1
        fi
    fi
}

zphisher:

tunnel_menu() {
    if [[ -e ".cld.log" ]]; then
        rm -rf ".cld.log"
    fi
    printf "\n${RED}[${WHITE}-${RED}]${GREEN} Select a tunneling option:\n"
    printf "${CYAN}[${WHITE}01${CYAN}]${YELLOW} Localhost\n"
    printf "${CYAN}[${WHITE}02${CYAN}]${YELLOW} Ngrok\n"
    printf "${CYAN}[${WHITE}03${CYAN}]${YELLOW} Cloudflared\n"
    read -p "${RED}[${WHITE}-${RED}]${GREEN} Select a option: ${BLUE}"
}
gophish logo

gophish

11,203

Open-Source Phishing Toolkit

Pros of Gophish

  • More comprehensive phishing simulation platform
  • Supports email campaigns, landing pages, and user management
  • Active development with regular updates and community support

Cons of Gophish

  • More complex setup and configuration required
  • Steeper learning curve for beginners
  • Requires more resources to run (database, web server)

Code Comparison

Maskphish (URL masking):

echo -e "\n${RED}[${WHITE}+${RED}]${GREEN} Masking Domain ${RED}[${WHITE}+${RED}]${CYAN}"
echo -e ${BLUE}
read -p "Enter Phishing URL: " phish
short=$(curl -s https://is.gd/create.php\?format\=simple\&url\=${phish})
shorter=${short#https://}

Gophish (campaign creation):

campaign := models.Campaign{
    Name:          c.Name,
    UserId:        c.UserId,
    Template:      c.Template,
    Page:          c.Page,
    SMTP:          c.SMTP,
    URL:           c.URL,
    LaunchDate:    c.LaunchDate,
    SendByDate:    c.SendByDate,
    Groups:        c.Groups,
    ResultsEmail:  c.ResultsEmail,
}

While Maskphish focuses on URL masking for phishing links, Gophish provides a more comprehensive platform for creating and managing phishing campaigns. Gophish offers greater flexibility and features but requires more setup and resources. Maskphish is simpler to use but limited in scope compared to Gophish's full-fledged phishing simulation capabilities.

trustedsec logo

social-engineer-toolkit

10,692

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

Pros of Social-Engineer-Toolkit

  • More comprehensive toolset for various social engineering attacks
  • Actively maintained with regular updates and contributions
  • Supports multiple attack vectors and customization options

Cons of Social-Engineer-Toolkit

  • Steeper learning curve due to its extensive features
  • Requires more setup and dependencies
  • May be overkill for simple phishing tasks

Code Comparison

MaskPhish (URL masking):

echo -e "\n${RED}[${WHITE}+${RED}]${GREEN} Enter Phishing URL (with http or https): ${BLUE}"
read phish
url_checker $phish

Social-Engineer-Toolkit (Phishing module):

if attack_vector == "1":
    sys.path.append("src/webattack/web_clone/")
    try:
        module_reload(clone)
    except:
        import clone

Both tools focus on phishing, but Social-Engineer-Toolkit offers a broader range of attack vectors and more sophisticated options. MaskPhish is simpler and specifically designed for URL masking, while Social-Engineer-Toolkit provides a comprehensive framework for various social engineering techniques.

Convert Figma logo designs to code with AI

Visual Copilot

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

👨‍💻️ Author : jaykali


🔥 MaskPhish

MaskPhish is not any Phishing tool. It's just a proof of concept of "URL Making Technology". It is a simple Bash Script to hide phishing URL under a normal looking URL (google.com or facebook.com). It can be integrated into Phishing tools (with proper credits) to look the URL ledgit.


⚖️ Legal Disclaimer:

FOR EDUCATIONAL PURPOSES ONLY
Usage of MaskPhish for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program. Use Responsibly!


Common Issue

Sometimes Masked link is not generating properly. In that case we need to use VPN/proxy, then use maskphish to generate masked link.

💻 Installation

# Clone the repository 
git clone https://github.com/jaykali/maskphish

# Enter into the directory
cd maskphish

# Run the script
bash maskphish.sh

  • Tested on Kali Linux, Termux & Ubuntu
  • Detailed Article can be found here
  • Want to discuss something? Start discussions click here

🖼️ Screenshot


❤️ Contributors:

You can propose a feature request opening an issue or a pull request. Here is a list of MaskPhish contributors: