Thief Raccoon is a software designed for academic functions to reveal how phishing assaults may be performed on varied working methods. This software is meant to boost consciousness about cybersecurity threats and assist customers perceive the significance of safety measures like 2FA and password administration.
Options
- Phishing simulation for Home windows 10, Home windows 11, Home windows XP, Home windows Server, Ubuntu, Ubuntu Server, and macOS.
- Seize person credentials for academic demonstrations.
- Customizable login screens that mimic actual working methods.
- Full-screen mode to boost the phishing simulation.
Set up
Stipulations
- Python 3.x
- pip (Python bundle installer)
- ngrok (for exposing the native server to the web)
Obtain and Set up
- Clone the repository:
“`bash git clone https://github.com/davenisc/thief_raccoon.git cd thief_raccoon
- Set up python venv
“`bash apt set up python3.11-venv
- Create venv:
“`bash python -m venv raccoon_venv supply raccoon_venv/bin/activate
- Set up the required libraries:
“`bash pip set up -r necessities.txt
Utilization
- Run the primary script:
“`bash python app.py
- Choose the working system for the phishing simulation:
After operating the script, you’ll be offered with a menu to pick the working system. Enter the quantity akin to the OS you need to simulate.
- Entry the phishing web page:
If you’re on the identical native community (LAN), open your net browser and navigate to http://127.0.0.1:5000.
If you wish to make the phishing web page accessible over the web, use ngrok.
Utilizing ngrok
- Obtain and set up ngrok
Obtain ngrok from ngrok.com and comply with the set up directions to your working system.
-
Expose your native server to the web:
-
Get the general public URL:
After operating the above command, ngrok will give you a public URL. Share this URL along with your check topics to entry the phishing web page over the web.
Learn how to set up Ngrok on Linux?
- Set up ngrok by way of Apt with the next command:
“`bash curl -s https://ngrok-agent.s3.amazonaws.com/ngrok.asc | sudo tee /and many others/apt/trusted.gpg.d/ngrok.asc >/dev/null && echo “deb https://ngrok-agent.s3.amazonaws.com buster predominant” | sudo tee /and many others/apt/sources.listing.d/ngrok.listing && sudo apt replace && sudo apt set up ngrok
- Run the next command so as to add your authtoken to the default ngrok.yml
“`bash ngrok config add-authtoken xxxxxxxxx–your-token-xxxxxxxxxxxxxx
Deploy your app on-line
-
Put your app on-line at ephemeral area Forwarding to your upstream service. For instance, whether it is listening on port http://localhost:8080, run:
“`bash ngrok http http://localhost:5000
Instance
- Run the primary script:
“`bash python app.py
- Choose Home windows 11 from the menu:
“`bash Choose the working system for phishing: 1. Home windows 10 2. Home windows 11 3. Home windows XP 4. Home windows Server 5. Ubuntu 6. Ubuntu Server 7. macOS Enter the variety of your selection: 2
- Entry the phishing web page:
Open your browser and go to http://127.0.0.1:5000 or the ngrok public URL.
Disclaimer
This software is meant for academic functions solely. The creator will not be liable for any misuse of this software. At all times receive specific permission from the proprietor of the system earlier than conducting any phishing checks.
License
This undertaking is licensed below the MIT License. See the LICENSE file for particulars.
ScreenShots
Credit
Developer: @davenisc Internet: https://davenisc.com