UndeadSec
SocialFish
CSS

Phishing Tool & Information Collector

Last updated Jul 7, 2026
4.8k
Stars
1.4k
Forks
2
Issues
+8
Stars/day
Attention Score
85
Language breakdown
CSS 46.2%
Python 33.9%
HTML 19.8%
Dockerfile 0.2%
โ–ธ Files click to expand
README

SocialFish v3.0

Modern Dynamic Phishing Toolkit

SocialFish v3.0 brings powerful new features for cloning modern login pages, capturing cookies, and intercepting 2FA codes with a live operator panel.

๐Ÿ†• What's New in v3.0

  • Playwright Browser Automation โ€” Clone modern JS-heavy login pages
  • Full Cookie Capture & Analysis โ€” Detailed metadata, security attributes, auth tokens
  • Template System โ€” Save and reuse clones across multiple victims
  • Live OTP Interception Panel โ€” Real-time 2FA code capture and injection
  • MITM Reverse Proxy โ€” ngrok/cloudflared tunneling with auto-installation
  • 6 Clone Modes โ€” Login-only, cookies-only, or full capture
  • Multi-step Login Detection โ€” Automatic heuristics for complex flows (Office365, etc.)
  • Webhook Notifications โ€” Real-time alerts to Slack, Discord, custom APIs
  • Session Management โ€” Full session tracking with export to JSON/CSV
  • Network Interception โ€” Log all HTTP requests/responses
  • Victim Tracking โ€” Track clicks, IP addresses, geolocation, device type

๐Ÿ“– Documentation

๐Ÿš€ Quick Start

Option 1: Interactive Setup (Recommended)

python setup.py
This will:
  • Install all dependencies
  • Setup Playwright browsers
  • Initialize database
  • Configure tunneling (optional)
  • Display quick-start guide

Option 2: Manual Setup

pip install -r requirements.txt
playwright install chromium
python SocialFish.py admin password

Then access: http://localhost:5000/neptune

๐ŸŽฏ Basic Workflow

  • Create Template
/templates โ†’ New Template โ†’ Enter target URL
  • Setup Tunnel (optional, for remote testing)
Click "Tunnel" โ†’ Choose ngrok/cloudflared โ†’ Authorize
  • Generate Lure URL
Click "Lure" โ†’ Copy unguessable URL
  • Send to Victims
Distribute lure URL in emails, messages, etc.
  • Monitor in Real-Time
/sessions โ†’ View captured credentials, cookies, OTP codes
   /admin/otp_panel.html โ†’ Intercept & inject 2FA codes

๐Ÿ”ง Key Features

Templates Library

  • Save clone configurations
  • Reuse across multiple users
  • Clone modes: both (credentials + cookies), login (credentials only), cookies (session only)
  • Browser engines: Playwright (default), Selenium (optional)

Cookie Capture

  • Full cookie jar (domain, path, secure, httponly, samesite, expiry)
  • JavaScript cookie interception
  • Auth token detection
  • Security attribute analysis
  • Export to JSON/CSV

Live OTP Panel

  • WebSocket-based real-time communication
  • Display victim session details
  • Wait for OTP codes (manual or automatic)
  • Inject OTP back to victim's browser
  • Network activity monitoring

MITM & Reverse Proxy

  • Auto-setup ngrok or cloudflared tunnels
  • Reverse proxy all victim traffic
  • Automatic cookie + credential capture
  • No setup overhead

Webhook Notifications

  • Slack, Discord, custom APIs
  • Triggerable on credential submit, OTP received, session created
  • JSON, form-encoded, or XML payloads

Multi-step & 2FA Detection

  • Automatic heuristics for complex flows
  • OTP endpoint detection
  • Manual breakpoints for user interaction
  • 2FA indicators in analytics

๐Ÿ“Š Supported Sites

Works with any login page that uses:

  • โœ… HTML forms
  • โœ… JavaScript form submission
  • โœ… XHR/fetch-based authentication
  • โœ… SPA logins (React, Vue, Angular)
  • โœ… 2FA/OTP flows
  • โœ… Multi-step authentication (Office365, Gmail, GitHub, etc.)

๐ŸŒ API & CLI

Web API

# List templates
curl http://localhost:5000/templates

Generate lure URL

curl -X POST http://localhost:5000/lure/generate \ -d "template_id=1"

View session

curl http://localhost:5000/session/1

CLI Commands

# Setup
python setup.py                    # Interactive setup

Tunneling

python core/tunnel_manager.py setup python core/tunnel_manager.py start --type ngrok

Database

python core/db_migration.py

๐Ÿ“‚ Project Structure

SocialFish/
โ”œโ”€โ”€ SocialFish.py               # Main Flask app
โ”œโ”€โ”€ setup.py                    # Interactive setup wizard
โ”œโ”€โ”€ FEATURES_v3.md             # Feature documentation
โ”œโ”€โ”€ IMPLEMENTATION_SUMMARY.md   # Technical details
โ”œโ”€โ”€ core/
โ”‚   โ”œโ”€โ”€ recorder_playwright.py  # Browser automation
โ”‚   โ”œโ”€โ”€ cookie_inspector.py     # Cookie analysis
โ”‚   โ”œโ”€โ”€ tunnel_manager.py       # Tunneling support
โ”‚   โ”œโ”€โ”€ db_migration.py         # Database schema
โ”‚   โ””โ”€โ”€ ... (other modules)
โ””โ”€โ”€ templates/
    โ””โ”€โ”€ admin/
        โ”œโ”€โ”€ templates.html      # Templates library UI
        โ”œโ”€โ”€ otp_panel.html     # OTP interception UI
        โ”œโ”€โ”€ sessions.html       # Session management UI
        โ””โ”€โ”€ ... (other templates)

๐Ÿ” Security & Ethics

โš ๏ธ EDUCATIONAL USE ONLY

  • โœ… Consent Required โ€” Only test systems you own or have explicit written permission for
  • โœ… Audit Logging โ€” All operations logged with user attribution
  • โœ… Data Protection โ€” Implement proper data retention policies
  • โœ… GDPR Compliance โ€” Comply with local privacy regulations
  • โœ… Disclosure โ€” Report vulnerabilities responsibly
See CODEOFCONDUCT.md and LICENSE for details.

๐Ÿ“ฑ Mobile Controller

Looking for the mobile controller? Check SocialFishMobile

โš–๏ธ Disclaimer

TO BE USED FOR EDUCATIONAL PURPOSES ONLY

The use of the SocialFish is COMPLETE RESPONSIBILITY of the END-USER. Developers assume NO liability and are NOT responsible for any misuse or damage caused by this program.

"DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE."

Taken from LICENSE.

๐Ÿณ Docker

Run with Docker:

docker compose up


Status: Production-ready for authorized security testing and red team exercises

CONTRIBUTING

Open Source Helpers

We encourage you to contribute to SocialFish! Please check out the Contributing to SocialFish guide for guidelines about how to proceed. Join us!

Special Contributors

@carinamary2448 - https://github.com/carinamary2448

ยฉ 2026 GitRepoTrend ยท UndeadSec/SocialFish ยท Updated daily from GitHub