• Home
  • Hacking & Security
    • Network Hacking
    • Web Hacking
    • Social Engineering
    • Kali Linux
    Submit An Article
  • Courses
    • All Courses
    • Bundles
    • Masterclass
    • VIP Membership
    • FAQ

    Popular Courses

  • Shop
    • Hardware Bundles
    • Wireless Adapters
    • Pentesting Tools
    • Security
    • Accessories
    • Clothing
    • Books
    • All
  • Competition
  • Services
    Penetration Testing
    Consulting
    Code Review
    One on one Training
    Online Courses
    VPN
  • Blog
      • Cart

    VIP Membership Masterclass
    Got a question?
    [email protected]
    RegisterLogin
    zSecurity
    • Home
    • Hacking & Security
      • Network Hacking
      • Web Hacking
      • Social Engineering
      • Kali Linux
      Submit An Article
    • Courses
      • All Courses
      • Bundles
      • Masterclass
      • VIP Membership
      • FAQ

      Popular Courses

    • Shop
      • Hardware Bundles
      • Wireless Adapters
      • Pentesting Tools
      • Security
      • Accessories
      • Clothing
      • Books
      • All
    • Competition
    • Services
      Penetration Testing
      Consulting
      Code Review
      One on one Training
      Online Courses
      VPN
    • Blog
        • Cart

      Hacking & Security

      HiddenEye – The All in One Phishing Solution

      • Posted by Tanishka Kohli
      • Date April 28, 2020

      In this article, we will see what is phishing? How dangerous is it? And how to use hidden eye to do phishing.

      What is Phishing?

      Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication.

      The core of phishing is Social Engineering, the success rate also depends only and only on human error. Suppose you got a link that asks you to login with your account and the link is suspicions there is a high chance that it will send your details to someone else and you may get phished.

      Hidden Eye is one of the best tools available for phishing it also has features such as keylogger, ngrok support and much more.

       

      Installation:

      git clone https://github.com/DarkSecDevelopers/HiddenEye.git
      
      chmod 777 HiddenEye
      
      sudo apt install python3-pip
      
      cd HiddenEye
      
      sudo pip3 install -r requirements.txt
      
      sudo pip3 install requests 
      
      

      Running Hiddeneye:

      python3 HiddenEye.py

       

      Select the website you want to create a fake page for.

       

      Select which you think will be most effective.

       

      You can also enable a keylogger.

       

      Enable / disable cloudfare protection.

       

      You can also configure it to send captured data via email, I don’t recommend this option but you can setup it up if you want to.

       

      Add link where you want the page to redirect after details are entered.

       

      I am selecting ngrok so that the link can be available over WAN.

       

      You are done with setup. Now send the link and enjoy phishing!

       

      Now you can share the ngrok link with the target, as you can see below is identical to Instagram’s login page.

       

      Now we have the victim’s user id and password.

       

      You can also use any link or URL shortener to make the link less suspicious, but remember phishing is always about social engineering.

       

      • Share:
      author avatar
      Tanishka Kohli

      Programmer, Aspiring Ethical Hacker, ML and Blockchain Enthusiast

      Previous post

      4 Ways To Get Bitcoin Anonymously
      April 28, 2020

      Next post

      Hide text inside image(Steganography)
      May 4, 2020

      You may also like

      secrets_370x208
      Unlocking Secrets: How to Crack SHA256 Passwords with Hashcat
      30 March, 2023
      domain-controllers_370x208
      Identifying Domain controller in a network
      24 March, 2023
      storm-braker_370x208
      Access Location, Camera & Mic of any Device 🌎🎤📍📷
      23 March, 2023

        58 Comments

      1. talalajmi
        April 29, 2020
        Log in to Reply

        I don’t get anything after I choose ngork 🙂

        • Tanishka Kohli
          April 29, 2020
          Log in to Reply

          Have you installed ngrok ???

          • Aman keshri
            April 29, 2020
            Log in to Reply

            No please tell us how to install that.

            • Tanishka Kohli
              April 30, 2020
              Log in to Reply

              You can visit this website https://ngrok.com/ or wait I am already writing the next article on ngrok

          • Divyaraj Mahida
            April 29, 2020
            Log in to Reply

            Mind asking me how can we manually install NGROK?

            • Tanishka Kohli
              April 30, 2020
              Log in to Reply

              You can visit this website https://ngrok.com/ or wait for some time I am already writing the next article on ngrok

          • Stark111
            December 9, 2020
            Log in to Reply

            When i use ngrok it is showing me too many connections plz solve it sir

            • orsen
              February 19, 2021
              Log in to Reply

              In a different terminal type in
              ngrok http 127.0.0.1:(forwarded hidden eye port number)
              then click enter

              then copy the link that looks like: http://************.ngrok.io
              And then send it to the victim

        • MistaM69
          September 15, 2021
          Log in to Reply

          This is setup fairly similar to SEToolkit Credential Harvester. Basically, you are simply giving the script a place to post to the credentials to the phishing attack gets from the fake url, which ngrok makes a clear route for the localhost server to post to. You can definitely go outside the LAN and use NOIP or something like it to hide your real IP and route back to because your script will send from any remote host back to any IP as long as there is no blocked port.

      2. kvelagana
        April 29, 2020
        Log in to Reply

        Same happens to me sir ngrok not giving any links i did installation

        • Tanishka Kohli
          April 30, 2020
          Log in to Reply

          Try git clone again after a couple of days
          Hidden eye might have bugs in their latest update
          But they will remove bugs in new update

      3. Gautham
        April 29, 2020
        Log in to Reply

        Can’t get any links… though I installed ngrok

        • Tanishka Kohli
          April 30, 2020
          Log in to Reply

          Try git clone again after a couple of days
          Hidden eye might have bugs in their latest update
          But they will remove bugs in new update

        • Typographical
          June 17, 2021
          Log in to Reply

          How to use hiddeneye reborn

      4. Divyaraj Mahida
        April 29, 2020
        Log in to Reply

        It’s not working in NGROK server and will only work if the victim disable all the anti-virus or else 403 forbidden error will pop-up

        • Tanishka Kohli
          April 30, 2020
          Log in to Reply

          Can you please tell me on which browser or operating system you are opening the phishing link

          • Divyaraj Mahida
            April 30, 2020
            Log in to Reply

            On my virtual machine windows 10 and on my host machine, and I’m using it in chrome and explorer

          • voldemortOP
            July 31, 2020
            Log in to Reply

            Hi I do get the link but it works online if the victim is connected to the same internet network as I am so how do I send the link to the person not using the same internet connection as me

      5. Unitel20
        April 29, 2020
        Log in to Reply

        NGROK ain’t giving out any link!

      6. B1ackAng31
        April 29, 2020
        Log in to Reply

        sudo pip3 install -r requirements.txt

        i get “sudo: pip3: command not found” error

        • Tanishka Kohli
          April 30, 2020
          Log in to Reply

          sudo apt install python-pip

          try this command

      7. Sithum Nimlaka
        April 30, 2020
        Log in to Reply

        Want to port forward to this process ?

        • Tanishka Kohli
          April 30, 2020
          Log in to Reply

          No it is not needed

      8. B1ackAng31
        April 30, 2020
        Log in to Reply

        Hi

        Thanks but i get the next issue

        E:Unable to locate package python-pip

      9. Vashisht Boodhun
        May 1, 2020
        Log in to Reply

        Make sure that your sources are correct, so do

        leafpad /etc/apt/sources.list

        Remove everything and past the following lines:

        deb http://http.kali.org/kali kali-rolling main contrib non-free
        deb-src http://http.kali.org/kali kali-rolling main non-free contrib

        Save and quit then do

        apt-get update
        apt-get update –fix-missing
        apt autoremove

        Then try installing pip as follows:

        apt-get update
        apt install python-pip
        apt install python3-pip

        Please don’t hesitate to contact if you need anything else.

        • voldemortOP
          July 31, 2020
          Log in to Reply

          Hey buddy I am getting links but only the victim connected to the same network can see the clone page so how do I send the link to the person who is not connected to the same network as I am

      10. emma
        May 5, 2020
        Log in to Reply

        hy i have sucessfully generated the link and it,s working (Special thanks). Now i want to ask how i can again get the connection of my generated link. For example after sending the link to someone after few days i want to seee the list of victims then how can i open that hinnden eye terminal .Thanks Again

        • Tanishka Kohli
          May 8, 2020
          Log in to Reply

          Everytime you will get new ngrok link.

      11. Rocky
        May 7, 2020
        Log in to Reply

        Hello, i realized that this does not work outside the network. How do i make the ngrok link work for a victim that is not in the same network with me ???

        • Tanishka Kohli
          May 8, 2020
          Log in to Reply

          All ngrok links can be used over internet
          Please try again

          • emma
            May 12, 2020
            Log in to Reply

            No the links provided by the Hidden Eye Does’t work ouside of the network . i creake a link and then send to my friend then the link does’t open on his mobile . He was using chrom browser

            • bikerboy
              May 23, 2020
              Log in to Reply

              can you give me a lesson or help in the installation and testing of hidden eye?

          • Devil hacker
            May 20, 2020
            Log in to Reply

            Sir it’s same issue we r using 2020 version

      12. Samark
        May 7, 2020
        Log in to Reply

        Tunnel a8fejdhs.ngrok.io not found
        After getting link and visit it shows this – Tunnel a8fejdhs.ngrok.io not found

        • Tanishka Kohli
          May 8, 2020
          Log in to Reply

          Please try again one more time

      13. Rocky
        May 13, 2020
        Log in to Reply

        Tanishka.. I think you need to try it out yourself. The links created by hidden eye works for only users within same network . If there is a way to make it work outside the network, it would be great

        • Tanishka Kohli
          May 19, 2020
          Log in to Reply

          Rocky
          Ngrok links are used for WAN since you cannot make your own computer a server
          Please try again
          I have used hidden eye for months and that’s why I have suggested it
          Thanks

      14. Devil hacker
        May 19, 2020
        Log in to Reply

        Sir I created everything but the problem is the links or not working in normal Google search in any other servers I’m using 2020 version sir please help me out of this sir

        • Tanishka Kohli
          May 19, 2020
          Log in to Reply

          Can you please elaborate the problem a little bit

          • Devil hacker
            May 20, 2020
            Log in to Reply

            I created a link in hidden eye but it is not working in normal browser so please help me out of this sir

            • Tanishka Kohli
              May 20, 2020
              Log in to Reply

              I belive that hidden eye have updated it’s repo that’s what causing the error try again after same days hope they remove this bug

      15. Harsh Jolad
        May 20, 2020
        Log in to Reply

        Hello there,
        For this to work should the victim be connected to the same network as mine?

        • Daniel Awad
          May 31, 2020
          Log in to Reply

          No it doesn’t. I’m using a NAT Network and was able to use one of my external computers to log in, using a different network entirely, and it worked fine with Hidden Eye picking up on the credentials and device details.

          • karansethi
            June 22, 2020
            Log in to Reply

            Hey !
            i’m also using NAT Network but when i open the link on anyother device which is connected to another network then the link doesn’t work and shows “too many connections”.

      16. shivammourya
        June 4, 2020
        Log in to Reply

        Sir i sucessfully generated a link. and i had sent a link to victim but if he login in a 4 5 days and for me it is not possible to open that terminal 24/7 so then how can i open that same link again ??plss help

      17. karansethi
        June 14, 2020
        Log in to Reply

        How can we generate a link, if we want to send it to someone with a different internet connection? The link which is generated works only if the person is browsing in the internet connection.

        • voldemortOP
          July 31, 2020
          Log in to Reply

          I am having the same issue

      18. james capon
        June 15, 2020
        Log in to Reply

        I attempted to install Hidden Eye but get the following error:

        fatal: unable to access ‘https://github.com/DarkSecDevelopers/HiddenEye.git/’: Could not resolve host: github.com

      19. Mr.x
        July 9, 2020
        Log in to Reply

        I’m getting problem in installing wine
        Wine: Depends: wine64 (>=5.0-4) but it is not going to be installed or wine32 (>=5.0-4)
        Depends: wine64(< 5.0-4.1~) but it is not going to be installed or wine32 (5.0-4.1~)

      20. Vedant
        Vedant Bhalgama
        August 2, 2020
        Log in to Reply

        That is really cool! But some people will see at the link and they can tell that this is a Phishing Link, So for that what can we do?

        • voldemortOP
          August 2, 2020
          Log in to Reply

          Hey buddy for that you can use bit.ly or tinyurl

      21. Vedant
        Vedant Bhalgama
        August 2, 2020
        Log in to Reply

        I am not getting ngrok link! It says ngrok links, but after sometime Program Crashes

        • voldemortOP
          August 2, 2020
          Log in to Reply

          Which method are you using 1.Local Host
          2.Ngrok
          3.Serveo?

          • Vedant
            Vedant Bhalgama
            September 4, 2020
            Log in to Reply

            Ngrok is the method i am trying to use!

      22. Lone wolf
        August 29, 2020
        Log in to Reply

        It’s showing me internet disconnected
        How can I resolve this

      23. Lone wolf
        September 3, 2020
        Log in to Reply

        Sir ngrok is showing me some kind of error ..

        Traceback ( most recent call last)

        Like this ..help

      24. Boopathi
        November 6, 2020
        Log in to Reply

        this error comes while running hiddeneye how to install ngrok means i have already registered in ngrok but how to give authtoken? and where ?

        Traceback (most recent call last):
        File “HiddenEye.py”, line 45, in
        server_runner.server_selection(port)
        File “/opt/HiddenEye-Legacy/Defs/ActionManager/Server/server_runner.py”, line 64, in server_selection
        NgrokController().establish_connection(port=port)
        File “/opt/HiddenEye-Legacy/controllers/ngrok_controller.py”, line 32, in establish_connection
        self._model.connect(port=port, name=’HiddenEye Connection’, pyngrok_config=self._config_path)
        File “/usr/local/lib/python3.7/dist-packages/pyngrok/ngrok.py”, line 176, in connect
        api_url = get_ngrok_process(pyngrok_config).api_url
        File “/usr/local/lib/python3.7/dist-packages/pyngrok/ngrok.py”, line 126, in get_ngrok_process
        ensure_ngrok_installed(pyngrok_config.ngrok_path)
        AttributeError: ‘str’ object has no attribute ‘ngrok_path’

      25. sandheepsandymsd2003
        November 27, 2020
        Log in to Reply

        I got this error even after setting auth key

        Traceback (most recent call last):
        File “HiddenEye.py”, line 45, in
        server_runner.server_selection(port)
        File “/opt/HiddenEye-Legacy/Defs/ActionManager/Server/server_runner.py”, line 64, in server_selection
        NgrokController().establish_connection(port=port)
        File “/opt/HiddenEye-Legacy/controllers/ngrok_controller.py”, line 32, in establish_connection
        self._model.connect(port=port, name=’HiddenEye Connection’, pyngrok_config=self._config_path)
        File “/usr/local/lib/python3.7/dist-packages/pyngrok/ngrok.py”, line 176, in connect
        api_url = get_ngrok_process(pyngrok_config).api_url
        File “/usr/local/lib/python3.7/dist-packages/pyngrok/ngrok.py”, line 126, in get_ngrok_process
        ensure_ngrok_installed(pyngrok_config.ngrok_path)
        AttributeError: ‘str’ object has no attribute ‘ngrok_path’

      Leave A Reply Cancel reply

      You must be logged in to post a comment.

      Categories

      • Cryptography
      • Cryptography
      • CTF
      • Forensics
      • Hacking & Security
      • Hardware
      • IOT
      • Kali Linux
      • Network Hacking
      • News
      • OSINT
      • Post Exploitation
      • Post Exploitation
      • Privacy
      • Programming
      • Security
      • Social Engineering
      • Uncategorized
      • Web Hacking

      Popular Posts

      Got a Blank Screen After Importing Kali in Virtual Box ? Here’s How To Fix It
      25Jan2018

      Connect with us

      • Facebook
      • Twitter
      • LinkedIn
      • Instagram
      • Youtube

      “Everything related to ethical hacking

      & cyber security in one place.”

      Quick Links

      • Home
      • About Us
      • Hacking & Security
      • Download Custom Kali
      • Contact
      • FAQ

      Services

      • Penetration Testing
      • Consulting
      • Code Review
      • One on one training
      • VPN
      • VIP Membership

      Company

      • About Us
      • Contact
      • Vulnerability Disclosure

      Support

      • FAQ
      • Forums

      Copyright © 2022 Z IT SECURITY LTD t/a zSecurity. All rights reserved.

      • Privacy
      • Shipping
      • Refunds
      • Terms

      Contribute

      Share your knowledge with the world

      SUBMIT AN ARTICLE

      Login with your site account

      Lost your password?

      Not a member yet? Register now

      Register a new account


      Are you a member? Login now

      Enroll in this course to access this lesson!

      All of our courses include:

      ✔ Lifetime, unlimited access to course materials & training videos.

      ✔ Watch online or download lectures for offline use.

      ✔ Verifiable certificate of completion from zSecurity, signed by the course instructor, Zaid.

      ✔ Get answers from our Support Team within a maximum of 15 hours.

      ✔ Unlimited Updates.

      Get free 1 month VIP membership per course with:

      ✔ Live mentorship and Q&A session with the course instructor, Zaid.

      ✔ Instant support from community members through our private discord channel.

      ✔ Daily updates with the latest tutorials & news in the hacking world.

      ✔ Daily resources like CTFs, bug bounty programs, onion services and more!

      ✔ Access our VIP community & connect with like-minded people.

      ✔ Discounts on other zSecurity products and services.

      We are using cookies to give you the best experience on our website. This includes but is not limited to:

      • Storing your settings and preferences.
      • Remember your access information
      • Track website performance and make our website more relevant to you.

      You can find out more about which cookies we are using or switch them off in settings.

      Privacy Overview

      This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

      Strictly Necessary Cookies

      Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

      3rd Party Cookies

      This website uses Google Analytics and Linkedin to collect anonymous information such as the number of visitors to the site, and the most popular pages.

      Keeping this cookies enabled helps us to improve our website.

      Please enable Strictly Necessary Cookies first so that we can save your preferences!

      Powered by  GDPR Cookie Compliance