Skip to content
/ sophish Public

The tool hosts a fake website which uses an iframe to display a legit website and, if the target allows it, it will fetch the Gps location (latitude and longitude) of the target, capture multiple pictures of the target along with IP Address and Device Information

2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

letchupkt/sophish

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
all
all
 
 
cam
cam
 
 
gps
gps
 
 
ip
ip
 
 
README.md
README.md
 
 
banner.py
banner.py
 
 
port_forward.py
port_forward.py
 
 
requirements.txt
requirements.txt
 
 
sophish.py
sophish.py
 
 
urlmasker.py
urlmasker.py
 
 
utils.py
utils.py
 
 

Repository files navigation

🎣 SoPhish v1.2 - Advanced Phishing Tool

SoPhish is a powerful and advanced phishing tool built with Flask, offering modern phishing capabilities combined with clean UI and automation. It allows you to generate phishing pages, track device info and geolocation, mask malicious URLs to make them look legitimate, and forward captured data instantly to a Discord webhook.

⚠️ This tool is intended for educational and authorized testing purposes only. Do not use it for illegal activities.

🚀 Features

  • 🌐 URL Masking (with custom domains and phishing keywords)
  • 📍 Live Location Tracking (via GPS API and IP fallback)
  • 🧠 Device Fingerprinting (IP address, browser, OS, ISP)
  • 📷 Webcam Access & Snapshot Capture
  • 🛠️ Serveo/Cloudflare Port Forwarding
  • 🔔 Discord Webhook Integration (instant alert and data forwarding)
  • 🧩 Modular Design - Easy to add or customize templates

📸 Demo Screenshot

image

🔧 Setup Instructions

📥 Clone the Repository

git clone https://github.com/letchupkt/sophish.git
cd sophish

📦 Install Dependencies

pip install -r requirements.txt

⚙️ Configure Discord Webhook

Edit the config.json file and add your webhook URL:

{
  "webhook_url": "https://discord.com/api/webhooks/your_webhook_here"
}

🧪 Usage

▶️ Run the Tool

python3 main.py

🔗 What You Can Do

  • Choose between Cloudflare or Serveo for port forwarding
  • Automatically mask phishing links using multiple shorteners
  • Choose a phishing page template
  • Share masked phishing URL with target
  • Receive live updates on Discord when a target opens the link

📦 Output Example

Once the victim opens the phishing link:

  • 🔍 IP Address, ISP, Country, OS, Browser info collected
  • 🌍 Location coordinates retrieved (with fallback)
  • 📷 Webcam snapshot (if allowed by the target)
  • 📤 All data is logged and sent to your Discord webhook

🛠 Built With

  • Python 3
  • Flask – Backend Server
  • pyshorteners – URL Shortening
  • JavaScript – Webcam & device data
  • IPinfo / GPS APIs – For geolocation

⚠️ Legal Disclaimer

This tool is created for educational purposes only. Use it only in environments where you have explicit permission (e.g., your own devices, test labs, or authorized engagements).

The developer is not responsible for any misuse.

📫 Contact

Built with ❤️ by @letchu_pkt

If you find this project useful, feel free to ⭐ star this repo and share it with fellow security enthusiasts!

About

The tool hosts a fake website which uses an iframe to display a legit website and, if the target allows it, it will fetch the Gps location (latitude and longitude) of the target, capture multiple pictures of the target along with IP Address and Device Information

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages