CredSniper
CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.
Overview
CredSniper is a tool that allows users to easily launch a new phishing site with SSL support. It captures credentials along with 2FA tokens and provides an API for accessing the captured credentials. It is brought to you by Black Hills Information Security.
Features
- Fully supported SSL via Let's Encrypt
- Exact login form clones for realistic phishing
- Supports any number of intermediate pages (e.g. Gmail login, password, and two-factor pages)
- API for integrating credentials into other applications
- Easy personalization using a templating framework
Summary
CredSniper is a phishing tool that allows users to launch phishing sites with SSL support and capture credentials along with 2FA tokens. It provides an API for integrating the captured credentials into other applications. With its fully supported SSL, exact login form clones, and easy personalization, CredSniper offers a comprehensive solution for conducting realistic phishing attacks.