phishery - a Credential Harvester with a Word Document Template URL Injector.

phishery – a Credential Harvester with a Word Document Template URL Injector.

Phishery is a Simple SSL Enabled HTTP server with the primary purpose of phishing credentials via Basic Authentication. Phishery also provides the ability easily to inject the URL into a .docx Word document.
Dependencies:
+ Golang Language
+ of course; Internet Traffic

phishery

phishery

The effectiveness of this tool is based mostly on the Domain and Basic Auth Realm used, as that is often all the end user will see when triggered from an Office document. Make sure to point your DNS A Records the public IP of the phishery server.

It’s recommended that the provided cert is replaced with a trusted one, such as one generated with LetsEncrypt. Microsoft Word on OS X will prevent the auth dialog if the cert is invalid.

usage and download from git:

Source: https://github.com/ryhanson