Hey Folks, in this tutorial we’re gonna use a tool that can convert a phishing link to a normal web link like Google or YouTube called “maskphish“. MaskPhish is a small and simple tool written in the bash language, which is used to hide phishing URLs under normal looking URLs (google.com or facebook.com).
Let’s take a look 🙂 !!
Similar at all the time now this time also we will download it first using the following command.This is a very small tool that does not require any additional dependencies, so we can use it in any android third party app. After downloading is done then we will go to the directory of this tool. That’s it we can boot this tool using the bash command.
git clone https://github.com/jaykali/maskphish
Done 🙂 !! Now here we have to enter the phishing URL that we want to modify.
We take help of advphishing tool to create an fake e-commerce website phishing page. You can see the full article on it from here.
After entering the phishing URL it tells us to enter the name of any domain behind which we want to hide. Finally after entering some social engineering words it successfully changes the phishing UR that you can see the image below.
Nice 🙂 !! The URL looks like the actual one, but the phishing page will open as soon as the victim clicks the link, as you can see.
Great 🙂 !! As soon as the victims enter their credentials on the phishing page, they will go to the attacker without their knowledge.
Also there is no better way to hide your phishing URLs behind well-known domains.