Social Attacker is the first Open Source, Multi-Site, automated Social Media Phishing Framework. It allows you to automate the phishing of Social Media users on a mass scale by handling the connecting to, and messaging of, targets.
You provide Social Attacker with a phishing message and a list of target profiles (collected either by hand or with Social Mapper).
Then, over a timeframe you set, it attempts to connect to the targets and, if they accept, sends them the phishing message.
Alternatively, it can scrape a target's public profile history and use rudimentary message generation to craft a personal message specific to that person, as an alternative to sending the same phish to all targets.
Social Attacker supports the following social media platforms:
Additional Features Include:
- An organisation’s name, searching via LinkedIn
- A folder full of named images
- A CSV file with names and URLs to images online
Social Attacker's usage is similar to Social Mapper, so if you are familiar with that tool, this should be easy to use.
Social Attacker is primarily aimed at Penetration Testers and Red Teamers, who will use it to perform phishing on targets' social media profiles.
What you send and do is only limited by your imagination, but here are a few ideas to get started:
Create a detailed HTML report, showing a breakdown of how your organisation's employees react to a random account adding them and sending them a link to click on various social media platforms.
‘Friend’ and Connect to your targets so you can direct message them links to implants or macro documents. Recent statistics show social media users are more than twice as likely to click on links and open documents compared to those delivered via email.
Create custom phishing campaigns for each social media site. Redirect them to a credential harvesting page with an official looking login form, or a site under your control hosting an exploit kit or Metasploit's browser autopwn.
Trick users into disclosing their emails and phone numbers with fake vouchers and offers to make the pivot into email phishing, vishing or smishing.
These instructions list the requirements for Social Attacker and show how to use it.
As this is a Python based tool, it should theoretically run on Linux, ChromeOS (Developer Mode) and macOS. The main requirements are Firefox, Selenium and Geckodriver. To install the tool and set it up follow these 4 steps:
- Install the latest version of Mozilla Firefox for macOS here:
- Or for Debian/Kali (but not required for Ubuntu) get the non-ESR version of Firefox with:
- sudo add-apt-repository ppa:mozillateam/firefox-next && sudo apt update && sudo apt upgrade
Make sure the new version of Firefox is in the path. If it is not, add it to the path manually.
Install the Geckodriver for your operating system and make sure it’s in your path, on Mac you can place it in /usr/local/bin, on ChromeOS you can place it in /usr/local/bin, and on Linux you can place it in /usr/bin.
Download the latest version of Geckodriver here:
Install the required libraries:
On Linux & macOS finish the install with:
- git clone https://github.com/Greenwolf/social_attacker
- cd social_attacker/setup
- python -m pip install --no-cache-dir -r requirements.txt
On Mac, look through the setup/setup-mac.txt file for some additional XQuartz installation instructions.
Provide Social Attacker with credentials to log into social media services:
Open social_attacker.py and enter your social media credentials into the global variables at the top of the file.
For Facebook, make sure the language of the account whose credentials you have provided is set to ‘English (US)’ for the duration of the run. Additionally, make sure all of your accounts are working and can be logged into without requiring two-factor authentication.