Monday, 1 February 2016

Weeman A HTTP Server for Phishing

Weeman – A HTTP Server for Phishing

Weeman is a HTTP server for phishing in python. Weeman has support for most of the (biggest) websites. Usually you will want run Weeman with DNS spoof attack. (see dsniff, ettercap).

What you can do with Weeman?

  1. You can create a fake html page.
  2. You can also wait for clients.
  3. It can also grab the data (POST).
  4. It can login to the client to the original page.

Latest Version:
Latest version of it is 1.1

What are the requirements?

  1. Python <= 2.7.
  2. Python BeautifulSoup 4

  • It can be tested on Linux but not on other OS.
  • Linux (any)
  • Mac (Not tested)
  • Windows (Not tested)

Run server:

For port 80 you need to run Weeman as root!
Host to clone (Ex:
set url http://localhost
“<"form action = "TAKE THIS URL">"(View the site source and take the URL)
set action_url http://localhost/sendlogin 
The port Weeman server will listen
set port 2020
Start the server

The settings will be saved for the next time you run


Usage of Weeman for attacking targets without prior mutual consent is illegal. Weeman developer not responsible to any damage caused by Weeman. This post is only knowledge purpose only.



Post a Comment

Note: only a member of this blog may post a comment.

Toggle Footer