Weeman – A HTTP Server for Phishing
Weeman is a HTTP server for phishing in python. Weeman has support for most of the (biggest) websites. Usually you will want run Weeman with DNS spoof attack. (see dsniff, ettercap).
What you can do with Weeman?
- You can create a fake html page.
- You can also wait for clients.
- It can also grab the data (POST).
- It can login to the client to the original page.
Latest version of it is 1.1
What are the requirements?
- Python <= 2.7.
- Python BeautifulSoup 4
- It can be tested on Linux but not on other OS.
- Linux (any)
- Mac (Not tested)
- Windows (Not tested)
For port 80 you need to run Weeman as root!
Host to clone (Ex: www.social-networks.local)
set url http://localhost
“<"form action = "TAKE THIS URL">"(View the site source and take the URL)
set action_url http://localhost/sendlogin
The port Weeman server will listen
set port 2020
Start the server
The settings will be saved for the next time you run weeman.py.
Usage of Weeman for attacking targets without prior mutual consent is illegal. Weeman developer not responsible to any damage caused by Weeman. This post is only knowledge purpose only.