Skip to content

A very clunky script to broadly spam phishing email forms

License

Notifications You must be signed in to change notification settings

JeeZeh/credential-flooder

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Credential Flooder

I wrote this simple credential flooder to run against servers hosting phishing scams.


Typical Usage

Requires >=Python3.6

Find a server that's hosting some phishing scam and use this to target the POST form that ingests users' data.

You could use network tools in your browser to check where the data is going. If it's obscured, many phishing sites run on PHP with directory traversal on, some even keep a copy of the PHP in the directory above. Try snoop and see if you can find the source with even more info!

Examine the PHP and find what form headers it's looking for like 'email' and 'password'. Change the credential_flooder.py constants at the top as appropriate.

Clone and modify as appropriate :)

About

A very clunky script to broadly spam phishing email forms

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages