Create phishing sites with SocialFish

With SocialFish you can easily and quickly create phishing sites. Of course, only for learning purposes! Here is a little tutorial to getting started.


  • make, PHP, sudo
  • Python 2.7
  • Python PIP
  • Python virtualenv



Here an phishing example for GitHub.


ūüėČ super easy …

CURL visualization via httpstat

CURL is awesome … but sometimes the feature for visualization of statistics is missing. Exactly here helps httpstat as an wrapper.

httpstat is available for different languages:

Prepare project

Since I am a Python lover I will also work with my favorite language provided by Xiao Meng. It’s a single file with no dependencies and compatible to Python 2.7 and 3.

Usage examples

Note: httpstat has a bunch of environment variables, please use help!

Yosemite – Apache and PHP at user level

Mac OS X include Apache server and PHP, but since some version by default only at root level. To start the Apache on root level simple use the following commands.

After starting the Apache server, on browser you can use the URL “http://localhost”. You should see something like: “It Works”. The location for files is “/Library/WebServer/Documents/”.

Small note
I have to apologize! The security policies of my provider do not allow the usage or combination for special words. Therefore, at various points images were used.

User level

Now we create the Apache on user level with a few configuration steps.

Inside this folder create a simple PHP file (index.php)

In the third step, the configuration file of the user is created. The name always includes the user name!

Add the following content and save

Check the access permissions for “-rw-r–r–” or “664”!¬†To enable the configuration, open the “httpd-userdir.conf” and uncomment one line above <IfModule>.


In the last step, only the correct modules must be loaded.


Now uncomment the LoadModule lines for “” and “” and include for user home.

user home include

Thats it! If you now start/restart the Apache and call the URL “http://localhost/~<username>/” in your browser, you should see the parsed content of PHP file.

Fast PHP server

Since PHP 4.x, there is a CLI SAPI web server. As a tester you simply go to the folder and start the server.


Now start your browser and insert the URL “localhost:8100″. With “Ctrl+c” you can stop the server.