A comprehensive phishing framework for penetration testing and security research | Educational Purposes Only
This tool is designed exclusively for authorized security testing, penetration testing, and educational purposes in controlled environments. Unauthorized access to computer systems is illegal under laws such as the Computer Fraud and Abuse Act (CFAA) and equivalent legislation worldwide.
Usage of this tool against systems without explicit written authorization is strictly prohibited.
GreensPhisher is an automated bash-based phishing framework designed for ethical hackers, penetration testers, and security researchers to simulate social engineering attacks during authorized security assessments. The framework streamlines the deployment of phishing pages using ngrok for URL tunneling and provides a modular architecture for multiple social media platforms.
- Multi-Platform Support: Pre-configured phishing pages for Instagram, LinkedIn, Facebook, and Netflix
- Automated Deployment: One-command setup using ngrok for instant HTTPS tunneling
- HTTP Server Integration: Built-in Python3 HTTP server for hosting phishing pages
- Color-Coded UI: User-friendly terminal interface with intuitive navigation
- Dependency Management: Automatic detection and installation of required tools
- Process Management: Quick kill switch for cleanup of all active web servers and tunnels
Before running GreensPhisher, ensure your system meets the following requirements:
- OS: Linux (Debian/Ubuntu based systems recommended)
- Bash: Version 4.0+
- Python: Python 3.6 or higher
- Network Access: Stable internet connection for ngrok tunnel
- Permissions: Sudo access for package installation
- Tools Required:
wget- For downloading dependenciesunzip- For extracting filescurl- For API requests
git clone https://github.com/yourusername/GreensPhisher.git
cd GreensPhisherchmod +x greensphisher.sh./greensphisher.shThe script will automatically:
- Detect and install dependencies (ngrok, unzip, Python3.6)
- Download ngrok from the official Equinox distribution
- Extract necessary files
- Present the main menu
./greensphisher.shUpon execution, you'll be presented with the following options:
| Option | Description |
|---|---|
| 1 | Deploy Instagram phishing page |
| 2 | Deploy LinkedIn phishing page |
| 3 | Deploy Facebook phishing page |
| 4 | Deploy Netflix phishing page |
| 99 | Terminate all active ngrok tunnels and web servers |
| 00 | Exit the application |
1. Select option (1-4) for desired platform
2. Framework initializes target phishing page
3. ngrok tunnel launches on port 4444
4. Public HTTPS URL is generated and displayed
5. Phishing page hosted on HTTP server
6. Credentials captured in respective directory logs
GreensPhisher/
βββ README.md
βββ greensphisher.sh
βββ phishingpages/
β βββ instagram/
β β βββ index.html
β β βββ logs/
β βββ linkedin/
β β βββ index.html
β β βββ logs/
β βββ facebook/
β β βββ index.html
β β βββ logs/
β βββ netflix/
β βββ index.html
β βββ logs/
βββ ngrok (auto-downloaded)
Ngrok Integration: Provides secure HTTPS tunneling for localhost services, bypassing firewall restrictions and enabling external access to the phishing infrastructure.
Python HTTP Server: Lightweight web server instance serving phishing page content on port 4444, offering minimal resource overhead and rapid deployment.
Process Management: Implements background process spawning with proper signal handling for graceful cleanup and resource release.
Color-Coded Output: Terminal UI leverages ANSI color codes for enhanced readability and visual feedback during operation.
User Input β Platform Selection β Directory Navigation
β
Dependency Check β ngrok Tunnel Initialization β URL Extraction
β
HTTP Server Launch (Port 4444) β Public URL Display
β
Credential Capture β Logging to Platform Directory
- Always obtain written authorization before deploying this tool
- Use in isolated lab environments before field deployment
- Log all activities for compliance and audit purposes
- Document all URLs generated for post-assessment cleanup
- Use VPN/proxies to mask your testing source IP when appropriate
- Scope Definition: Clearly define the scope and objectives with stakeholders
- Consent: Ensure explicit, written consent from system owners
- Timeline: Execute tests within agreed time windows
- Documentation: Maintain comprehensive records of all activities
- Reporting: Deliver detailed findings with remediation recommendations
- Cleanup: Remove all traces of phishing infrastructure post-assessment
To terminate all active processes and tunnels, select option 99 from the main menu:
# This will execute:
killall ngrok
sudo pkill -9 python# Kill ngrok tunnels
killall ngrok
# Kill Python HTTP servers
sudo pkill -9 python
# Remove logs and temporary files
rm -rf phishingpages/*/logs/*Solution: Reinstall ngrok manually:
wget https://bin.equinox.io/c/4VmDzA7iaHb/ngrok-stable-linux-amd64.zip
unzip ngrok-stable-linux-amd64.zip
chmod +x ngrokSolution: Kill existing processes and try again:
sudo lsof -i :4444
sudo kill -9 <PID>Solution: Grant execute permissions:
chmod +x greensphisher.sh
sudo chmod +x ngrokSolution: Check your internet connection and ngrok account status:
./ngrok http 4444 # Test manually| Metric | Value |
|---|---|
| Startup Time | ~5-7 seconds |
| Tunnel Initialization | ~3 seconds |
| Memory Footprint | ~50-80 MB |
| Supported Platforms | 4 |
| Concurrent Sessions | 1 (extendable) |
# Update system packages
sudo apt-get update
sudo apt-get upgrade
# Reinstall Python
sudo apt-get install python3.6
# Update ngrok to latest version
./greensphisher.sh # Auto-update on first runTo understand phishing attacks and defense mechanisms:
- OWASP Social Engineering Guide
- NIST Phishing Prevention Guidelines
- CIS Controls for Social Engineering
- SANS Security Training
Contributions are welcome! Please ensure:
- Code Quality: Follow bash best practices
- Documentation: Update README for new features
- Testing: Test on clean Ubuntu/Debian systems
- Security: Never commit sensitive data or credentials
- Ethics: Maintain educational focus in contributions
- Fork the repository
- Create a feature branch (
git checkout -b feature/enhancement) - Commit changes (
git commit -m 'Add new feature') - Push to branch (
git push origin feature/enhancement) - Submit Pull Request with detailed description
This project is licensed under the MIT License - see the LICENSE file for details.
Note: You are responsible for complying with all applicable laws and regulations in your jurisdiction.
Madhav Shah
- π BTech Computer Engineering, SPIT
- π NASA Hall of Fame, WHO/LG Recognition
- π― Top 2% on TryHackMe
- π§ [email protected]
- π HackWidMaddy Community
This software is provided "AS IS" without warranty of any kind. The author assumes no responsibility for misuse or damage caused by this tool. Users are solely responsible for ensuring their usage complies with all applicable laws and regulations.
Unauthorized access to computer systems is illegal. Use this tool only on systems you own or have explicit permission to test.
For issues, questions, or contributions:
- GitHub Issues: Report a bug
- Email: [email protected]
- Documentation: Refer to inline code comments
Last Updated: November 2025
Status: Actively Maintained
"With great power comes great responsibility." - Use this tool ethically and legally.