In this article, you will learn about how to use BlackEye in Linux which is one of the most advanced phishing tools out there! It has almost every phishing page of every platform – like social media sites, games stores, and even login pages of different games. We’ll teach you only how to install it on Linux…
Disclaimer: This blog is strictly for educational purposes only. If you do anything illegal then we’re not responsible.
What Exactly is Phishing?
Phishing is a type of social engineering attack that BLACK HAT HACKERS use to steal sensitive data such as usernames, passwords, login credentials, and even banking information.
What Exactly is BlackEye?
HiddenEye is a powerful phishing tool that includes advanced features and multiple tunneling services; BlackEye has 38+ different types of phishing websites logins including Facebook, Instagram, and Xbox. It also comes with a Keylogger feature—perfect for spying on your spouses or employees!
Below is the Table Chart of all the Tunneling Services available in BlackEye and what they require before installation can take place.
The first step is to use your web browser’s search function and input the term BlackEye Github. Next, check out the top result you get back after doing this. By clicking on that website, you’ll open up a blog post describing how to do all of these steps!
After that, type the command (cd BlackEye) to enter the directory of the tool. Then run Back Eye using the command (python3 BlackEye.py).
How to Grab Password with BlackEye?
Now you can see there are so many website templates that we’ll be using for the Instagram login page. Follow these steps to use the phishing page:
1) Select the number of phishing templates, then click enter. We’ll be selecting 8 for Instagram, but this will vary depending on your chosen template…
Type a redirection URL that will redirect your target to a given website or link. Then type a port number but between [ 1024 – 65535]…
Now you have to select the forwarding option, which has only two available options: Localhost and Ngrok, so pick one of them (01) if using the domain over the Internet…
After that, there are two links to choose from Localhost and ngrok. Copy the ngrok link for now and send it to your victim…
Now if the victim types their credentials on your fake Instagram phishing page, you’ll see them typed in real time on your terminal monitor.
This is what a fake (phishing) Instagram login screen looks like –