.jpeg)
When you run a phishing page locally, it only works on your device. Attackers solve this by using “tunneling” services like Serveo.net or Ngrok to expose their localhost server to the entire internet.
For example:
- The attacker runs a fake page on
http://localhost:5000. - By using Serveo, they create a public link such as:
- https://randomstring.serveo.net
Now, anyone clicking that link can access the phishing page.
⚠️ Listen close, this content is for educational and defensive purposes only. The goal is to raise awareness, not to promote illegal activities. You would be held responsible for your inappropriate actions!
Before we start, if you were hosting a phishing link, make sure you have the phishing tool installed on your device terminal (Android or Linux).
Follow the link below if you haven't done it:
👉👉👉How to create a phishing website
Guidelines
In your command line(Termux, Linux, or Windows), execute these commands step-by-step
1. Update the command line
ssh -R any:80:localhost:5000 serveo.net
If you are using one of my tools from this website, then port 5000 is the common. If not, you will need to check your localhost link and correct the port
the any part is the domain, just ignore it most cases
the localhost:5000 is the local URL of the server or service running in your terminal, you can edit it if your terminal shows different one
2. Agree to continue
For the first time, you may be asked to continue:
Type yes and hit enter key
yes
-
Do you have any questions? Want to share ideas on how to improve it? Wanna collaborate?
Share your thoughts in the comments.
If you liked this post, fuel my late-night coding sessions, buy me a coffee ☕. A small donation keeps the keys clicking 💻.