X3rz/blackeye Info

Supports Ngrok to move attacks beyond a Local Area Network (LAN).

BlackEye demonstrates how easy it is to clone a login page and capture credentials using basic PHP + port forwarding. While useful for penetration testers and red teams, its simplicity also means it's a low-skill tool commonly abused by beginners. Defenders should focus on layered security controls and user awareness rather than relying on domain blacklisting alone. x3rz/blackeye

Allows users to create or modify custom templates for specific targets. Real-time credential harvesting and logging of victim data. Core Functionality and Templates Supports Ngrok to move attacks beyond a Local

Install missing dependencies:

(often referred to simply as Blackeye) is a widely recognized, open-source phishing simulation tool designed for ethical hacking and social engineering security testing . It is an enhanced version of the original ShellPhish tool, offering a comprehensive suite of over 32 pre-built templates for popular websites like Facebook, Instagram, and Google. By integrating with tunneling services such as Ngrok, it allows security professionals to host these pages online and capture submitted credentials in real time for training and awareness purposes. Description Templates Defenders should focus on layered security controls and

Only deploy against systems you own or have explicit written permission to test. Unauthorized use violates:

sites/[platform]/ directory). Installation & Setup To run BlackEye on a Linux system (like Kali Linux), you typically follow these steps: Clone the Repository: bash git clone https://github.com cd blackeye Use code with caution. Copied to clipboard Permissions: Ensure the script is executable. bash chmod +x blackeye.sh Use code with caution. Copied to clipboard Launch: Run the script with root privileges. bash sudo ./blackeye.sh Use code with caution. Copied to clipboard Execution Workflow Select Target: Upon launching, you are presented with a numbered list of platforms (e.g., 1 for Instagram, 2 for Facebook). Choose Tunneling Service: You select how to expose the site to the web (e.g., Ngrok). Send the Link: The tool generates a URL. In a real-world scenario, an attacker would use address spoofing or social engineering to convince a user to click this link. Monitor Results: When the victim interacts with the page, the terminal updates in real-time with captured IP addresses and login credentials. Instagram Security & Ethics Warning Legal Use: This tool should