Skip to content

Crafted a spoofed website login page mimicking a legitimate website and designed a phishing email to simulate credential harvesting

Notifications You must be signed in to change notification settings

aaront999/Credential-Harvesting-with-Setoolkit

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
 
 
 
 

Repository files navigation

Credential Harvesting with Setoolkit

Project Overview:

In this project, I created spoofed login pages replicating legitimate websites to demonstrate the functionality of Setoolkit. Furthermore, to extend this attack simulation I replicated Google’s login page and designed a fake Google Support phishing email to showcase the methods and risks involved in real-world credential harvesting attacks, also known as pharming.

  • This attack technique involves redirecting a website's traffic to a fake site and installing a malicious program on the victim's computer to gain access or even mimic a financial institution for monetary gain.

Disclaimer: This project is conducted solely for educational and research purposes within a controlled environment. Unauthorized use of these techniques against real businesses or individuals is illegal and unethical.

Setup and Execution:

To ensure a safe testing environment, I built a home lab using VMware Workstation Pro as my primary virtual machine and installed Kali Linux as the operating system. This setup allows the simulation of attacks in an isolated and secure environment.

Programs we will be using:

  • VMware Workstation Pro: https://www.broadcom.com/
    • You must create an account
    • Click the drop down menu in the upper right corner and select "VMware Cloud Foundation"
    • Search for VMware Workstation Pro
    • Download for personal use on Windows or Linux
  • Kali Linux: https://www.kali.org/get-kali/#kali-virtual-machines
    • For Microsoft Windows: After installing, add the Kali Linux downloaded file as an exclusion in Windows Security > Virus & Threat Protection > Manage Settings > Add or Remove Exclusions > Add Kali Linux.
    • Extract all the files, and it can now be used on VMware as your disk image

Vulnerable Website Links:

About

Crafted a spoofed website login page mimicking a legitimate website and designed a phishing email to simulate credential harvesting

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published