not a script kiddie </3
Peel the layers. One click, full picture.
A realistic verification page that silently collects deep browser fingerprints, geolocation, VPN leaks, and device data – all delivered to a clean, live dashboard.
For authorized security assessments only.
PhiShit transforms a simple link into a powerful reconnaissance tool. When a target visits the page, they see a convincing "verification" progress bar while the tool collects:
- 🌍 Geolocation & ISP (with VPN/proxy detection)
- 🖥️ Deep fingerprinting – WebGL, audio, fonts, WebRTC IP leak, battery status, plugins
- 🌐 Browser & device details – user agent, screen resolution, timezone, hardware concurrency
- 🔑 IP address & HTTP headers
All data is stored in a local SQLite database and displayed in an auto‑refreshing web dashboard.
You can expose the link publicly via ngrok and mask it with a URL shortener – everything controlled from the dashboard.
| Category | Details |
|---|---|
| 🎭 Realistic Verification Page | No logos, no branding – just a clean progress bar that looks like a standard browser check. |
| 🧬 Deep Browser Fingerprinting | Collects WebGL, audio fingerprint, font detection, WebRTC IP leak, battery status, installed plugins, and more. |
| 🌐 VPN/Proxy Detection | Uses ip‑api.com proxy flag + WebRTC exposed local IP to identify VPNs. |
| 🚀 Ngrok Integration | One‑click start/stop of ngrok tunnel directly from the dashboard. |
| 🔗 URL Masking | Shorten your public URL with a single click (via cleanuri.com). |
| 🖥️ Live Dashboard | Auto‑refreshes every 5 seconds; select and delete visits with checkboxes. |
| ⚙️ Full Web Control | Set redirect URL, start/stop ngrok, mask URL – all from the dashboard. No command‑line prompts. |
| Dashboard | Verification Page | Data Table |
|---|---|---|
 |
 |
 |
git clone https://github.com/TnYtCoder/PhiShit.git
cd PhiShitpip install -r requirements.txt- Sign up at ngrok.com (free)
- Copy your auth token and either:
- Set the environment variable
NGROK_AUTH_TOKEN
- Set the environment variable
python phishit.pyNavigate to http://localhost:5000/dashboard in your browser.
From there you can:
- Start ngrok to get a public URL
- Mask the public URL
- Change the redirect target (where the victim is sent after “verification”)
- View and manage collected data
| Section | What it does |
|---|---|
| Configuration | Start/stop ngrok, mask URL, change redirect URL |
| Collected Data | Table of all visits, with select/delete and auto‑refresh |
| Footer | Links to author’s GitHub |
All settings are applied instantly – no restarts needed.
PhiShit runs on any system with Python 3.7+ and a web browser. It has been tested on:
| Platform | Status |
|---|---|
| Kali Linux | ✅ Fully supported |
| Parrot OS | ✅ Fully supported |
| Ubuntu / Debian | ✅ Works |
| Windows 10/11 | ✅ Works (with Python installed) |
| macOS | ✅ Works |
| Termux (Android) | ✅ Works (requires Python and ngrok) |
The tool itself is platform‑agnostic – it only needs a terminal and a browser for the dashboard.
This tool is provided for educational and authorised security testing purposes only.
- You must have explicit permission from the owner of any system you test.
- Unauthorised use may violate laws such as the Computer Fraud and Abuse Act (CFAA) and similar legislation worldwide.
- The author assumes no liability for misuse of this software.
By using this tool, you agree to use it responsibly and only within the boundaries of the law.
- Python 3.7+
- Flask, requests, pyngrok (installed via
requirements.txt) - (Optional) ngrok binary – download from ngrok.com/download
Contributions are welcome! Please open an issue or pull request for any improvements, bug fixes, or feature ideas.
MIT – see LICENSE file for details.
TnYtCoder – GitHub
Made with ❤️ for the security research community.