FiercePhish

FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more. The features will continue to be expanded and will include website spoofing, click tracking, and extensive notification options.

Supported Operating Systems

• Ubuntu 16.04
• Ubuntu 16.10

Automated Install

Recommended Prerequisites

• Purchase a domain name to send emails from

This isn’t required, but it is heavily suggested. Phishing campaigns where you spoof an active domain you don’t own are extremely susceptible to being spam filtered (unless the domain’s SPF record is improperly configured). The best way to perform a phishing campaign is by buying a generic domain that can fool someone (“yourfilehost.com”) or a domain that is very similar to a real domain (“microsoft-secure.com”).

Installation Method #1 (remote curl download)

This method is probably the easiest way to install/configure everything. It is a fully unattended installation (aside from the beginning).

1. You must run the installer as root:
   

   sudo su

    

    

2. Generate the configuration file:
   

   curl https://raw.githubusercontent.com/Raikia/FiercePhish/master/install.sh | bash

    

    

3. This will create a configuration file located at “~/fiercephish.config”. You must edit this file before moving on!

Click here for a detailed description of the configuration variables

4. Once “CONFIGURED=true” is set in the configuration file, re-run the install script:
   

   curl https://raw.githubusercontent.com/Raikia/FiercePhish/master/install.sh | bash

    

    

5. Sit and wait. The installation could take anywhere from 5-15 minutes depending on your server’s download speed.
6. Once the installation completes, follow the instructions it prints out. It will tell you what DNS entries to set.

Installation Method #2 (local installation run)

This method is just as easy as method #1, but the install will prompt you as it runs for the information it requires (as opposed to using a configuration file like method #1).

1. You must run the installer as root:
   

   sudo su

    

    

2. Download the configuration file:
   

   wget https://raw.githubusercontent.com/Raikia/FiercePhish/master/install.sh

    

    

3. Set the installer as executable:
   

   chmod +x install.sh

    

    

4. Run the installer:
   

   ./install.sh

    

    

The installer will prompt you for the same information as is described in the configuration file for method #1. See that wiki page for information on what to provide.

5. Sit and wait. The installation could take anywhere from 5-15 minutes depending on your server’s download speed.
6. Once the installation completes, follow the instructions it prints out. It will tell you what DNS entries to set.

Updating

As of FiercePhish v1.2.0, an update script is included. Versions prior to 1.2.0 are not compatible with 1.2.0 and later, so you’ll have to do a fresh install (or read the wiki).

To update FiercePhish, simply run:

 sudo ./update.sh

Usage

https://github.com/Raikia/FiercePhish/wiki