- 2 days ago
🔐 Phishing Explained – This step-by-step phishing tutorial shows how hackers use fake websites to steal login information and passwords. Understand what is phishing in hacking, how it works, and how to protect yourself from phishing attacks.
💡 Learn:
What phishing is in hacking
How hackers use phishing emails and fake websites
How to avoid getting scammed
Real examples and cybersecurity tips
🔗 Follow for more:
📲 Linktree: https://linktr.ee/syedmhatim
WhatApp Channel: https://whatsapp.com/channel/0029Vb6LyOOCxoAr6lY95m0L
#Phishing #CyberSecurity #PhishingAttack #Hackers #PhishingTutorial #OnlineSecurity #LoginProtection #HackingTips
💡 Learn:
What phishing is in hacking
How hackers use phishing emails and fake websites
How to avoid getting scammed
Real examples and cybersecurity tips
🔗 Follow for more:
📲 Linktree: https://linktr.ee/syedmhatim
WhatApp Channel: https://whatsapp.com/channel/0029Vb6LyOOCxoAr6lY95m0L
#Phishing #CyberSecurity #PhishingAttack #Hackers #PhishingTutorial #OnlineSecurity #LoginProtection #HackingTips
Category
📚
LearningTranscript
00:00So guys welcome to another video
00:03So today I will tell you
00:05What kind of phishing
00:08Can you hack any social accounts
00:11This video is just for educational purposes
00:13So it will not be wrong
00:15If you are wrong
00:16If you are wrong
00:17I will not be wrong
00:18Hacking
00:19Phishing
00:20We call it
00:21To steal a login credential
00:23Like phishing
00:24We put a link
00:27We generate a link
00:29And we send our victim
00:31As a victim
00:32As a link open
00:34As a screen open
00:36That
00:37Authorized company
00:39Email
00:40Instagram
00:41Facebook
00:42You can log in
00:43You can log in
00:44You can log in
00:45You can log in
00:47You can log in
00:48You can log in
00:49Email
00:50Password
00:51Show
00:52So this way
00:53I will tell you
00:54I will tell you
00:55Fishing
00:56Detail
00:57That
00:58You can log in
00:59You can log in
01:00Then I will tell you
01:01Practical
01:02But
01:03You can log in
01:04Subscribe
01:05Subscribe
01:06Like
01:07Share
01:08And
01:09Like
01:10Click
01:11To
01:12So here I opened a presentation.
01:20So I'm going to go to the first page.
01:22So in this video I'm going to mark the tool.
01:26It's a simple tool.
01:28It's also advanced tools like go fish, kingfisher.
01:30There are many advanced tools.
01:32If you want to make a detailed video with advanced tools,
01:38please like this channel and subscribe.
01:41Let's start the video here.
01:43Ethical acting with zfisher.
01:45Fishing simulation for stronger cyber security.
01:51So here we have zfisher tool.
01:53This is a kind of tool.
01:55Now I'm going to go further.
01:57So here we go to the video.
01:59We make a template like official website.
02:01We make a template like this.
02:03When the person log in and log in credentials,
02:05they show us.
02:07So here we go to the next slide.
02:09Introduction to fishing.
02:11What is Fishing?
02:13What is Fishing?
02:15What is Fishing?
02:17Fishing is a social engineering technique
02:19where attackers attempt to deceive victims
02:21into revealing sensitive information
02:23or performing actions that compromise security.
02:27Fishing is a type of social engineering.
02:29You should need social engineering
02:31that you should send them to a victim.
02:33Email fraudant.
02:35You should open your credentials
02:37and put your credentials here.
02:39So here we go to the next slide.
02:41Fishing is a social engineering technique.
02:43Attackers.
02:44Attackers who are?
02:45We are.
02:46This video is for educational purposes.
02:47I will tell you first.
02:49If you do it,
02:50if you do it,
02:51then you will be your responsibility.
02:52To attempt to deceive victims
02:54into revealing sensitive information.
02:56Sensitive information
02:57who is?
02:58It is login credentials.
02:59It is email,
03:00it is password,
03:01it is OTP,
03:02it is something else.
03:03And performing actions that compromise security.
03:05and then you will compromise security.
03:07And some actions which do compromise.
03:08Now you will have a way of phishing
03:09as in this way,
03:10to have login credentials,
03:11you can also log in credentials.
03:12But today's the app
03:13advancing phishing.
03:15Which we can check in its device.
03:16Which we can hack in its device.
03:17Which we can hack that.
03:18It's phishings not together.
03:20Notingly.
03:21It also,
03:22it's malware.
03:24But today's phishing's from phishing.
03:25Which will be very negative.
03:26The technique will be too old.
03:27Now there are
03:28Android rats.
03:29There are many hacking tools as well.
03:31Which will be
03:32called android
03:33So, this is a very small amount of people who want to use it.
03:40If you want to add advanced techniques to this channel, please subscribe to this channel.
03:47So, here is the Human Elements in Fishing.
03:51Human Elements what is called?
03:52Fishing exploits the human factor. Human factor in cybersecurity.
03:55Relying on social manipulation, social manipulation and physiological techniques to bypass technical security controls.
04:02Technical Security Controls to bypass technical security controls.
04:05Technical Security Controls are your email and password.
04:08Login to any account.
04:09We need to bypass them and take the login credentials.
04:13Phishing tactics.
04:15Phishing attacks often involve sending fraudulent emails.
04:17I have told you that fraudulent emails.
04:19Same to same company, which emails send us to password reset.
04:22Anything can happen.
04:24Amazon, Facebook, Instagram, Google.
04:27Anything can happen.
04:28We can find fraudulent emails here.
04:31Messages, websites, websites.
04:36We can find it.
04:37We can find it.
04:38It looks real.
04:39It looks real.
04:40It looks real.
04:41It looks real.
04:42I will tell you that it looks real.
04:43Trick user into sharing login credentials.
04:45I have told you that login credentials here.
04:47We steal them.
04:49Financial information.
04:51Credit card information.
04:53Malware.
04:54Malware.
04:55I have told you that malware can install it on the device.
04:57It will open the link.
04:58It will open the link.
04:59This is advanced.
05:00Today, I will tell you the login credentials.
05:02Impacts of phishing.
05:05Successful phishing attacks can lead to data breaches.
05:08Data breaches.
05:09Data breaches.
05:10What is your data?
05:11What is your login credentials?
05:12Financial losses.
05:13Credit card information.
05:14If you want your account, your account is empty.
05:17Identities have.
05:18Information can be leaked.
05:19And other consensus that can significantly impact the individual and organization.
05:24Yes, if an individual can get a problem.
05:27The entire organization can also get a problem.
05:29So here, phishing is a technical definition.
05:31I will tell you the definition.
05:32I will tell you what is phishing is.
05:34Next slide.
05:35Let's go.
05:36Ethical hacking and phishing simulation.
05:37Ethical hackers utilize phishing techniques as a strategic approach to assess and organization security.
05:43Possibility and employee awareness.
05:44Employee awareness.
05:45This is called ethical hackers.
05:46Black attackers and ethical hackers are different.
05:49Ethical hackers lacknimate work.
05:51Black hackers illegal work.
05:54They can steal their accounts.
05:57Credit cards.
05:58Ethical hackers are just for testing.
06:00Folks, you can understand the phishing situation.
06:03If phishings are something bad.
06:04Hmm, this is not bad.
06:05You can understand the phishing system.
06:06We can understand the phishing situation.
06:07Bad phishing attacks are not bad.
06:09Then, you can't find the phishing system.
06:10In control environment.
06:11In control environment.
06:12They can identify vulnerabilities.
06:13Which vulnerabilities, these bugs can be found.
06:14So, here, vulnerabilities.
06:15We are found on the website.
06:17So, cause the factors of security factors.
06:18Security measures.
06:19Security measures can be better.
06:21And provide valuable insights to central the overall security.
06:24Next slide.
06:25Let's go.
06:26What is phishing?
06:28what is the fishing feature?
06:29What is the fishing feature?
06:30What is the fishing feature?
06:31What is the fishing feature?
06:32ZFisher is a open source fishing tool commonly used in ethical hacking
06:38for educational and penetration testing purposes.
06:40Educational and penetration testing purposes
06:43for the fishing feature.
06:44This is a simple tool.
06:45I have told you to show you a advanced tool.
06:47If you want a advanced tool,
06:48I will also make a video.
06:54Next slide.
06:56Type of fishing attacks.
06:57Email phishing.
06:58Email phishing.
06:59Email phishing.
07:00I have told you that we can send fraud and emails.
07:05Attackers send fraud and emails.
07:06Fraud and emails
07:07Sphere phishing.
07:08Target phishing attack.
07:09I use personality to make email
07:11appear more convincing and trustworthy email.
07:15I have told you that
07:17we can send facebook template
07:18website template
07:19Trustworthy.
07:20Not get authorized.
07:21No spam.
07:22Don't get authorized.
07:23Don't get authorized.
07:24Don't get authorized.
07:25Don't get authorized.
07:26wailing highly targeting phishing attack that specially targets high profile individuals
07:32such as executives or other senior level employees wailing
07:36wailing
07:37wailing
07:38highly profiled individuals or high level senior employers
07:42target
07:43wailing
07:44wailing
07:45phishing attack delivered via text messages or sms
07:50wishing
07:51phishing attacks conducted over the phone
07:53where the attacker impresses our trust
07:56entity and attempts to trick the victim into revealing sensitive information of performing a specific action
08:02so we will go to the next slide
08:05z fitter in action
08:08so we will go into details
08:10we will go into practical details
08:12i will go into a little bit here
08:13overview of z fisher
08:14z fisher
08:15i will tell you what is first
08:17phishing simulation setup
08:20launching the phishing attack
08:22analysis
08:23phishing result
08:24ethical consideration
08:25two steps
08:26we will go into phishing
08:28next slide
08:29we will go into practical
08:30ethical consideration
08:31so here
08:32ethical way
08:33you have to do all this
08:34and you have to score your information
08:36so here
08:37we will go into practical
08:38now we will go into practical
08:40practical part
08:41practical part
08:42z fisher
08:43phishing
08:47phishing
08:48phishing
08:49phishing
08:50phishing
08:51pit
08:52up
08:53Anytime
09:06afterс
09:09cloud search पे चलाने वाला हूँ तो यहां पर यह इस तरह
09:12git clone वगरा करके आप इसको कर सकते हैं तो मैं
09:14cloud shell में चलाने वाला हूँ याद रखिएगा कि हर
09:17tool cloud shell में नहीं चलता जो भी hacking tool है कुछ
09:19कुछ tool चल जाते हैं कुछ कुछ नहीं चलते हैं तो
09:22यहां पर आप open in cloud shell पर click करें मिलिए यहां पर कुछ ऐसी
09:27working वगयदा होगी वर्किंग वगयदा होने के बाद लोडणिग वगयरा होने
09:29के बाद आपके पास बाधि फोड़नि क exist कह सकुरीईगी ऐसे 가능 mycket
09:33why you need to run this thing?
09:35This way you have to run this thing.
09:37When you have this thing, you can run this thing.
09:40This thing is like this.
09:42You can type here,
09:46bash zfisher.sh
09:56I enter this thing.
09:58Here you go running.
10:00Now, we have templates here, which are templates?
10:04Facebook, Twitch, DeviantArt, Beidu, Origin, Dropbox, both templates.
10:10So, I select which templates? Facebook.
10:13So, I just show you an example.
10:14I select Facebook, 1.
10:17Here, I have one type and press enter.
10:20So, here select an option.
10:21Advanced voting poll login page.
10:24Fake security login page.
10:26Facebook Messenger login page.
10:27So, I select one type, I need traditional page.
10:30So, I enter here, you can explore this.
10:33Now, we have port forwarding service.
10:36So, here is cloud flared and local expose.
10:38Local expose, I don't use here.
10:40Local host, we don't use here.
10:44Local host, local host, which will be connected to your network.
10:48You will connect to your network.
10:49So, we will open a link.
10:51So, there will be a universal service.
10:54Cloudflare, local expose.
10:55But the link has already been 쉬ed and掉ed from Googleivamente.
10:58I go up and watch some issues as shown here in Googlecommittee.
11:00Local expose, you have to select one more time.
11:02Because it is time for 15 minutes.
11:04Hypnom dlatego saints would give you time to our account and create it to our account.
11:07Also, people who��면 on the right viele circles.
11:10So, we give they can also
11:12a message across the marketplace.
11:13Local None дети is found.
11:14Here is a link to local expose.
11:16So, you could use our victim's address if you stick on the right and if you take a link at any
11:17way, as possible, we will connect to fundo that.
11:18This tool is so advanced, advanced tools we have more than go fish, go fish, even negex, king fishers, medusa fishers, http fishers, both tools we have come.
11:32So here I select the second option, cloud player.
11:35So here I type cloud player.
11:40To type and enter.
11:43Do you want a custom port?
11:45If you want a custom port, you can use a custom port.
11:47We have a lot of custom ports.
11:49We have a lot of custom ports.
11:51We have 15353 ports.
11:53One port, USB port, this is our physical port.
11:57Virtual port, which is the entire internet.
11:59So here I type custom ports.
12:01If you can use 8080 ports.
12:041224, 2424.
12:06Same to same, because these ports are empty.
12:09Then I click no.
12:11I don't need a custom port.
12:13This is automatically installed.
12:15So here I have my port 8080.
12:17This is our local host.
12:19This is our local host.
12:21This is our local host.
12:23This is our local host.
12:25Do you want to change the URL?
12:27Now we can change the URL.
12:29then we can change our URL.
12:31So I can show you here.
12:32Now I click this one.
12:33So I can show you anyway.
12:35So I can show you something.
12:37And I can show you link here.
12:38If it's my mask URL,
12:39then I can show you something.
12:40So I can show you link there.
12:42Facebook, .com.
12:43I can show you same.
12:45So I can send this one.
12:46I can show you some spelling.
12:47I can show you.
12:48Then I can show you,
12:49I can show you.
12:50So, I will show you the custom URL.
12:54There are two links here, one here and one here.
12:58I will show you the option if you have a mask mask.
13:04So, we will show you the custom URL.
13:07So, I will open this here.
13:13So, I will open this here.
13:15So, I will show you the URL.
13:18But my page is the same to the same.
13:21So, if I have another link to you, I will open it.
13:23So, IP address can catch the address.
13:28IP address can catch the address.
13:30So, if I have another link to you,
13:33then you can see you will open this link.
13:34Now, I will show you the login.
13:36So, I will show you any link.
13:48When I click on login, I am loading and here I am going to capture my account.
13:58I am going to email and here I am going to capture my account.
14:03If you don't have a mask, then you can use custom URL.
14:09If you have a file, you can save it.
14:11If you have information, then you can open it.
14:13If you open it, you will open it.
14:19Ctrl-C, I will exit it.
14:21Front menu, I will come to the front menu.
14:23In the front menu, I have known how to run it.
14:25I have known how to run it.
14:26Bash-z-filture.sh
14:36I have run it.
14:38I have done it.
14:39I have done it.
14:40One select here.
14:43Two select here.
14:45No.
14:49Here I will do the mask URL.
14:56I will click on yes.
14:58Now, enter your custom URL below.
15:00To get free followers.com example, we will do this.
15:04Step no link features.
15:06I will select there but now you can go here.
15:08않는
15:23channel.com slash login application .com
15:25to login
15:27this you can see
15:29this is the same
15:31this is the same
15:33login
15:35enter
15:37click
15:39so
15:41it has been invalid
15:43I have said
15:45that URL is not
15:47this link
15:49this is my link
15:51I will open
15:53So, how do you do this?
15:55I will tell you what to do.
15:57I will tell you what to do.
15:59I will tell you what to do.
16:01Mask.
16:03URL.
16:07So, this is a github repository.
16:09Spire by production.
16:11So, I will open it in Colab.
16:13I will open it.
16:15When I open it, I will run it here.
16:25Here is the tool to run it.
16:27Here is the tool to run it.
16:29Here is the tool to run it.
16:31Here is the tool to run it.
16:33When I run it, I will enter the original URL.
16:35I will copy the URL to the URL.
16:39So, this URL is the original URL.
16:41Enter the URL.
16:43Enter the URL.
16:44Enter the URL.
16:45Enter the custom domain.
16:47So, here I have the domain.
16:49Facebook.com.
16:50It works.
16:51Here is the URL.
16:53Here is the URL.
16:55Facebook.com account.
16:56Here is the URL.
16:57Here is the URL.
16:59So, here is the advertisement.
17:03So, here is the link.
17:05Here is the link.
17:07If I open it,
17:09I will open it.
17:11Here is the link.
17:12Here is the link.
17:13When I pay them.
17:14The link comes here we show the link above.
17:18If there is a link in the top join file,
17:19the link is published within from us full right now to do Anything for the directory within the left
17:22level.
17:24You open it.
17:25Then the link will never see us full back at the value of log-in.
17:27I will log in and log in and log in after our information will come here.
17:40How do we get the email?
17:42We will send the email to the victim to the victim.
17:47I have made an email for images.
17:52I will send the email to you.
17:56So, this is the spam, because it didn't come from the verified domain, so if you send the image to the verified domain, then there will be more chance of spam.
18:09So, this was our video for this big video.
18:11Please subscribe to our channel so that you can get more videos.
Recommended
7:29
|
Up next
23:21
3:37
0:46
2:11