Iankulani/warphish
GitHub: Iankulani/warphish
Stars: 5 | Forks: 0
# warphish
[](https://github.com/Iankulani/warphish/stargazers)
[](https://github.com/Iankulani/warphish/network)
[](https://github.com/Iankulani/warphish/watchers)
[](https://github.com/Iankulani/warphish/graphs/contributors)
[](https://github.com/Iankulani/warphish/commits/main)
[](https://hub.docker.com/r/iankulaniking_phisher/warphish)
[](LICENSE)
[](https://github.com/Iankulani/warphish)
[](https://www.python.org/)
WAR PHISH is a comprehensive cybersecurity software developed by Accurate Cyber Defense, designed as an all-in-one command center for security professionals, penetration testers, red team operators, and ethical hackers. This powerful tool integrates multiple attack vectors, reconnaissance capabilities, and communication platforms into a single, unified interface.
# Core Capabilities
🎯 Cyber Drill Simulations
WAR PHISH includes a complete cyber drill simulation engine that allows security teams to conduct realistic attack scenarios:
* Automated Attack Simulations: Generate realistic cyber attack patterns including credential harvesting, network infiltration, and social engineering campaigns
* Red Team vs Blue Team Exercises: Coordinate full-scale security drills with real-time metrics and performance tracking
* Scenario Builder: Create custom attack scenarios with specific parameters, targets, and success criteria
* Performance Analytics: Track response times, detection rates, and mitigation effectiveness across drill sessions
* After-Action Reports: Comprehensive drill reports with vulnerability findings and recommendations
# 🎭 Social Engineering Suite
# The social engineering module enables sophisticated phishing campaigns and user awareness testing:
* 50+ Professional Phishing Templates: Pre-built templates for Facebook, Instagram, Twitter/X, Gmail, LinkedIn, GitHub, PayPal, banking portals, and corporate VPN login pages
* Credential Capture Engine: Real-time credential harvesting with IP logging, user agent tracking, and geolocation
* Multi-Channel Delivery: Deploy phishing links via email, SMS, messaging apps, or QR codes
* Campaign Management: Track click rates, conversion rates, and user interactions
* Awareness Training Reports: Generate detailed reports for employee security awareness programs
# 🌐 Network Penetration Testing Commands
WAR PHISH provides direct integration with industry-standard penetration testing tools:
# Command Function
* nmap Full port scanning, service detection, OS fingerprinting
* nikto Web server vulnerability scanning (integrated)
* curl/wget HTTP/HTTPS request manipulation
* netcat TCP/UDP connection testing and banner grabbing
* ssh Remote connection testing and brute force simulation
* whois/dig DNS reconnaissance and domain information gathering
* traceroute Network path discovery and hop analysis
* ping ICMP testing and network latency measurement
# 🕸️ Nikto Integration
* WAR PHISH features deep integration with Nikto, the powerful web server scanner:
* Web Vulnerability Scanning: Automatically test for over 6,700 potentially dangerous files and CGI scripts
* Server Configuration Auditing: Identify misconfigured HTTP headers, outdated software versions, and insecure defaults
* Subdomain Enumeration: Discover hidden web properties and admin interfaces
* SSL/TLS Testing: Validate certificate configurations and cipher suite security
* Custom Plugin Support: Extend Nikto's capabilities with custom database checks
# 🗺️ Network Mapping & Reconnaissance
* Complete network discovery and mapping capabilities:
* Automatic Network Discovery: Scan entire subnets to identify live hosts and services
* Topology Mapping: Generate visual network maps showing device relationships and communication paths
* Service Enumeration: Identify running services, versions, and potential vulnerabilities
* OS Fingerprinting: Determine operating systems through TCP/IP stack analysis
* Open Port Analysis: Comprehensive port scanning with service version detection
# Spoofing Engine
The spoofing engine enables advanced network manipulation for testing network security controls:
# IP Spoofing
* Craft and send packets with forged source IP addresses
* Test ingress/egress filtering effectiveness
* Validate anti-spoofing protections
# MAC Address Spoofing
* Change network interface MAC addresses
* Test MAC filtering and port security
* Bypass MAC-based authentication systems
* ARP Spoofing/Poisoning
* Intercept network traffic between hosts
* Test switch security and ARP inspection
* Enable man-in-the-middle attack simulations
# DNS Spoofing
* Redirect domain requests to attacker-controlled servers
* Test DNS security and DNSSEC validation
* Validate DNS filtering and sinkhole configurations
Multi-Platform Communication Integration
WAR PHISH enables command and control through SEVEN different communication platforms, allowing operators to maintain access through various channels:
# 💬 Telegram Bot
* Full command execution via Telegram messages
* Real-time alerts and credential notifications
* Support for inline keyboard commands
* End-to-end encrypted communication
# 📱 iMessage (macOS)
* Native Apple Messages integration
* Send commands from any Apple device
* Receive captured credential alerts
* Seamless iOS/macOS ecosystem integration
# 💼 Slack Bot
* Enterprise-ready Slack integration
* Private channel command execution
* Rich message formatting for results
* Team collaboration features
# 🌐 Google Chat
* Google Workspace integration
* Thread-based command responses
* Card-based output formatting
* Attachment support for reports
# 🖥️ Web Application Dashboard
* Real-time command execution interface
* Live analytics and statistics charts
* Port scan result visualization
* Multi-user session management
# 💬 Discord Bot
* Server-based command control
* Role-based access management
* Rich embed output formatting
* Voice channel notifications
# 🔔 Webhook Notifications
# Dark Web Links & Intelligence
WAR PHISH includes curated dark web resources for threat intelligence gathering:
* Intelligence Sources
* Active dark web market monitoring links
* Threat actor forum scrapers
* Data breach notification services
* Ransomware leak site monitoring
* Exploit database aggregators
* Dark Web Operations
* Tor network integration via SOCKS5 proxy
* .onion address resolution and navigation
* Secure anonymous communication channels
* Dark web content extraction tools
# Target Users
# 🔴 Red Hat Hackers (Red Team)
* Full offensive security toolkit for authorized penetration testing
* Evasion techniques and persistence mechanisms
* Custom payload generation and delivery
* Post-exploitation framework integration
# ⚪ White Hat Hackers (Ethical Hackers)
* Comprehensive vulnerability assessment tools
* Compliance reporting (PCI-DSS, HIPAA, SOC2)
* Client-ready penetration test reports
* Remediation guidance and recommendations
# 🟢 System Administrators
* Network monitoring and anomaly detection
* Security control validation tools
* User awareness testing capabilities
* Incident response simulation
# 🟣 Purple Team
* Combined red/blue team exercise coordination
* Detection effectiveness measurement
* Response time optimization
* Control gap identification
# Technical Architecture
Command System
* WAR PHISH supports over 5,000 security commands across multiple categories:
* Reconnaissance and information gathering
* Exploitation and post-exploitation
* Persistence and privilege escalation
* Lateral movement and pivoting
* Data exfiltration testing
* Cleanup and anti-forensics
# Database & Logging
* SQLite backend for lightweight local deployment
* Complete command history with timestamps and execution metrics
* Credential storage with encryption at rest
* Port scan results with service version tracking
* Spoofing attempt logging for audit trails
# API & Extensibility
* RESTful API for custom tool integration
* Webhook support for SIEM and SOAR platforms
* Plugin architecture for community extensions
* Python API for custom script development
Sample Use Cases
Penetration Test Execution
# Discover network hosts
scan 192.168.1.0/24
# Scan for open ports and services
nmap 192.168.1.100 -sV -p-
# Generate phishing campaign
generate_phishing corporate_vpn
# Start credential harvesting
phishing_start link_abc123
# Test network security controls
spoof_ip 10.0.0.1 192.168.1.1 192.168.1.100
Security Awareness Campaign
# Create training phishing page
generate_phishing it_security_update
# Launch awareness campaign
phishing_start awareness_campaign_2024
# Monitor employee interactions
credentials
# Generate training report
report
Network Security Validation
# Map network topology
nmap target_network -T4 -A
# Test ARP inspection
arp_spoof 192.168.1.100 192.168.1.1
# Validate DNS security
dns_spoof internal.corp.com 10.0.0.1
# How to clone
git clone https://github.com/Iankulani/warphish.git
cd warphish
# How to run
python3 warphish
# Installation Requirements
# Core dependencies
python3 >= 3.7
pip3
# Network tools
nmap
nikto
curl
wget
netcat-openbsd
openssh-client
whois
bin
d-tools
# Spoofing tools
hping3
macchanger
dsniff (arpspoof, dnsspoof)
# Python packages
cryptography
requests
paramiko
scapy
telethon
discord.py
slack-sdk
selenium
python-whois
qrcode
google-auth-oauthlib
# Ethical Usage Disclaimer
WAR PHISH is developed for legitimate security testing and educational purposes only.
Appropriate use cases include:
* ✅ Authorized penetration testing with written consent
* ✅ Internal security team training and exercises
* ✅ Educational cybersecurity programs
* ✅ Security research and vulnerability disclosure
* ✅ Compliance validation and audit preparation
# Improper use includes:
* ❌ Unauthorized access to computer systems
* ❌ Credential theft or identity fraud
* ❌ Malware deployment or ransomware operations
* ❌ Privacy violations or surveillance
* ❌ Any activity violating local, state, or federal laws
* Users must obtain explicit written permission before testing any system they do not own or manage.
# Conclusion
WAR PHISH represents a significant advancement in cybersecurity testing software, combining network penetration testing, social engineering, spoofing capabilities, and multi-platform command-and-control into a single integrated platform. Whether conducting red team operations, validating security controls, or training security awareness, WAR PHISH provides the tools needed to identify and remediate vulnerabilities before malicious actors can exploit them.
The inclusion of seven communication platforms (Telegram, iMessage, Slack, Google Chat, Discord, web dashboard, and webhooks) ensures operators can maintain flexible access regardless of network restrictions. Dark web integration provides threat intelligence capabilities, while the comprehensive command system offers over 5,000 security operations.
[](https://github.com/Iankulani/warphish/stargazers)
[](https://github.com/Iankulani/warphish/network)
[](https://github.com/Iankulani/warphish/watchers)
[](https://github.com/Iankulani/warphish/graphs/contributors)
[](https://github.com/Iankulani/warphish/commits/main)
[](https://hub.docker.com/r/iankulaniking_phisher/warphish)
[](LICENSE)
[](https://github.com/Iankulani/warphish)
[](https://www.python.org/)
WAR PHISH is a comprehensive cybersecurity software developed by Accurate Cyber Defense, designed as an all-in-one command center for security professionals, penetration testers, red team operators, and ethical hackers. This powerful tool integrates multiple attack vectors, reconnaissance capabilities, and communication platforms into a single, unified interface.
# Core Capabilities
🎯 Cyber Drill Simulations
WAR PHISH includes a complete cyber drill simulation engine that allows security teams to conduct realistic attack scenarios:
* Automated Attack Simulations: Generate realistic cyber attack patterns including credential harvesting, network infiltration, and social engineering campaigns
* Red Team vs Blue Team Exercises: Coordinate full-scale security drills with real-time metrics and performance tracking
* Scenario Builder: Create custom attack scenarios with specific parameters, targets, and success criteria
* Performance Analytics: Track response times, detection rates, and mitigation effectiveness across drill sessions
* After-Action Reports: Comprehensive drill reports with vulnerability findings and recommendations
# 🎭 Social Engineering Suite
# The social engineering module enables sophisticated phishing campaigns and user awareness testing:
* 50+ Professional Phishing Templates: Pre-built templates for Facebook, Instagram, Twitter/X, Gmail, LinkedIn, GitHub, PayPal, banking portals, and corporate VPN login pages
* Credential Capture Engine: Real-time credential harvesting with IP logging, user agent tracking, and geolocation
* Multi-Channel Delivery: Deploy phishing links via email, SMS, messaging apps, or QR codes
* Campaign Management: Track click rates, conversion rates, and user interactions
* Awareness Training Reports: Generate detailed reports for employee security awareness programs
# 🌐 Network Penetration Testing Commands
WAR PHISH provides direct integration with industry-standard penetration testing tools:
# Command Function
* nmap Full port scanning, service detection, OS fingerprinting
* nikto Web server vulnerability scanning (integrated)
* curl/wget HTTP/HTTPS request manipulation
* netcat TCP/UDP connection testing and banner grabbing
* ssh Remote connection testing and brute force simulation
* whois/dig DNS reconnaissance and domain information gathering
* traceroute Network path discovery and hop analysis
* ping ICMP testing and network latency measurement
# 🕸️ Nikto Integration
* WAR PHISH features deep integration with Nikto, the powerful web server scanner:
* Web Vulnerability Scanning: Automatically test for over 6,700 potentially dangerous files and CGI scripts
* Server Configuration Auditing: Identify misconfigured HTTP headers, outdated software versions, and insecure defaults
* Subdomain Enumeration: Discover hidden web properties and admin interfaces
* SSL/TLS Testing: Validate certificate configurations and cipher suite security
* Custom Plugin Support: Extend Nikto's capabilities with custom database checks
# 🗺️ Network Mapping & Reconnaissance
* Complete network discovery and mapping capabilities:
* Automatic Network Discovery: Scan entire subnets to identify live hosts and services
* Topology Mapping: Generate visual network maps showing device relationships and communication paths
* Service Enumeration: Identify running services, versions, and potential vulnerabilities
* OS Fingerprinting: Determine operating systems through TCP/IP stack analysis
* Open Port Analysis: Comprehensive port scanning with service version detection
# Spoofing Engine
The spoofing engine enables advanced network manipulation for testing network security controls:
# IP Spoofing
* Craft and send packets with forged source IP addresses
* Test ingress/egress filtering effectiveness
* Validate anti-spoofing protections
# MAC Address Spoofing
* Change network interface MAC addresses
* Test MAC filtering and port security
* Bypass MAC-based authentication systems
* ARP Spoofing/Poisoning
* Intercept network traffic between hosts
* Test switch security and ARP inspection
* Enable man-in-the-middle attack simulations
# DNS Spoofing
* Redirect domain requests to attacker-controlled servers
* Test DNS security and DNSSEC validation
* Validate DNS filtering and sinkhole configurations
Multi-Platform Communication Integration
WAR PHISH enables command and control through SEVEN different communication platforms, allowing operators to maintain access through various channels:
# 💬 Telegram Bot
* Full command execution via Telegram messages
* Real-time alerts and credential notifications
* Support for inline keyboard commands
* End-to-end encrypted communication
# 📱 iMessage (macOS)
* Native Apple Messages integration
* Send commands from any Apple device
* Receive captured credential alerts
* Seamless iOS/macOS ecosystem integration
# 💼 Slack Bot
* Enterprise-ready Slack integration
* Private channel command execution
* Rich message formatting for results
* Team collaboration features
# 🌐 Google Chat
* Google Workspace integration
* Thread-based command responses
* Card-based output formatting
* Attachment support for reports
# 🖥️ Web Application Dashboard
* Real-time command execution interface
* Live analytics and statistics charts
* Port scan result visualization
* Multi-user session management
# 💬 Discord Bot
* Server-based command control
* Role-based access management
* Rich embed output formatting
* Voice channel notifications
# 🔔 Webhook Notifications
# Dark Web Links & Intelligence
WAR PHISH includes curated dark web resources for threat intelligence gathering:
* Intelligence Sources
* Active dark web market monitoring links
* Threat actor forum scrapers
* Data breach notification services
* Ransomware leak site monitoring
* Exploit database aggregators
* Dark Web Operations
* Tor network integration via SOCKS5 proxy
* .onion address resolution and navigation
* Secure anonymous communication channels
* Dark web content extraction tools
# Target Users
# 🔴 Red Hat Hackers (Red Team)
* Full offensive security toolkit for authorized penetration testing
* Evasion techniques and persistence mechanisms
* Custom payload generation and delivery
* Post-exploitation framework integration
# ⚪ White Hat Hackers (Ethical Hackers)
* Comprehensive vulnerability assessment tools
* Compliance reporting (PCI-DSS, HIPAA, SOC2)
* Client-ready penetration test reports
* Remediation guidance and recommendations
# 🟢 System Administrators
* Network monitoring and anomaly detection
* Security control validation tools
* User awareness testing capabilities
* Incident response simulation
# 🟣 Purple Team
* Combined red/blue team exercise coordination
* Detection effectiveness measurement
* Response time optimization
* Control gap identification
# Technical Architecture
Command System
* WAR PHISH supports over 5,000 security commands across multiple categories:
* Reconnaissance and information gathering
* Exploitation and post-exploitation
* Persistence and privilege escalation
* Lateral movement and pivoting
* Data exfiltration testing
* Cleanup and anti-forensics
# Database & Logging
* SQLite backend for lightweight local deployment
* Complete command history with timestamps and execution metrics
* Credential storage with encryption at rest
* Port scan results with service version tracking
* Spoofing attempt logging for audit trails
# API & Extensibility
* RESTful API for custom tool integration
* Webhook support for SIEM and SOAR platforms
* Plugin architecture for community extensions
* Python API for custom script development
Sample Use Cases
Penetration Test Execution
# Discover network hosts
scan 192.168.1.0/24
# Scan for open ports and services
nmap 192.168.1.100 -sV -p-
# Generate phishing campaign
generate_phishing corporate_vpn
# Start credential harvesting
phishing_start link_abc123
# Test network security controls
spoof_ip 10.0.0.1 192.168.1.1 192.168.1.100
Security Awareness Campaign
# Create training phishing page
generate_phishing it_security_update
# Launch awareness campaign
phishing_start awareness_campaign_2024
# Monitor employee interactions
credentials
# Generate training report
report
Network Security Validation
# Map network topology
nmap target_network -T4 -A
# Test ARP inspection
arp_spoof 192.168.1.100 192.168.1.1
# Validate DNS security
dns_spoof internal.corp.com 10.0.0.1
# How to clone
git clone https://github.com/Iankulani/warphish.git
cd warphish
# How to run
python3 warphish
# Installation Requirements
# Core dependencies
python3 >= 3.7
pip3
# Network tools
nmap
nikto
curl
wget
netcat-openbsd
openssh-client
whois
bin
d-tools
# Spoofing tools
hping3
macchanger
dsniff (arpspoof, dnsspoof)
# Python packages
cryptography
requests
paramiko
scapy
telethon
discord.py
slack-sdk
selenium
python-whois
qrcode
google-auth-oauthlib
# Ethical Usage Disclaimer
WAR PHISH is developed for legitimate security testing and educational purposes only.
Appropriate use cases include:
* ✅ Authorized penetration testing with written consent
* ✅ Internal security team training and exercises
* ✅ Educational cybersecurity programs
* ✅ Security research and vulnerability disclosure
* ✅ Compliance validation and audit preparation
# Improper use includes:
* ❌ Unauthorized access to computer systems
* ❌ Credential theft or identity fraud
* ❌ Malware deployment or ransomware operations
* ❌ Privacy violations or surveillance
* ❌ Any activity violating local, state, or federal laws
* Users must obtain explicit written permission before testing any system they do not own or manage.
# Conclusion
WAR PHISH represents a significant advancement in cybersecurity testing software, combining network penetration testing, social engineering, spoofing capabilities, and multi-platform command-and-control into a single integrated platform. Whether conducting red team operations, validating security controls, or training security awareness, WAR PHISH provides the tools needed to identify and remediate vulnerabilities before malicious actors can exploit them.
The inclusion of seven communication platforms (Telegram, iMessage, Slack, Google Chat, Discord, web dashboard, and webhooks) ensures operators can maintain flexible access regardless of network restrictions. Dark web integration provides threat intelligence capabilities, while the comprehensive command system offers over 5,000 security operations.