explaingit

htr-tech/zphisher

Analysis updated 2026-06-24

15,944HTMLAudience · ops devopsComplexity · 2/5Setup · easy

TLDR

A Bash phishing toolkit with 30 plus prebuilt fake login page templates, intended for authorized security training and red team awareness demos.

Mindmap

mindmap
  root((zphisher))
    Inputs
      Template choice
      Tunnel option
    Outputs
      Hosted fake page
      Captured credentials log
    Use Cases
      Security awareness demo
      Red team training
      Tunneling test
    Tech Stack
      Bash
      HTML
      Docker
      Cloudflared
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Run an authorized security awareness drill that shows staff how convincing a fake login page can be.

USE CASE 2

Study the templates to build a phishing detector for an email gateway.

USE CASE 3

Demo the role of tunneling services like Cloudflared in red team scenarios during a CTF.

What is it built with?

BashHTMLDockerCloudflared

How does it compare?

htr-tech/zphisherjeromeetienne/ar.jsgustavoguanabara/html-css
Stars15,94415,80716,262
LanguageHTMLHTMLHTML
Setup difficultyeasymoderateeasy
Complexity2/53/51/5
Audienceops devopsdevelopergeneral

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · easy Time to first run · 5min

Auto installs dependencies on first run, but only safe to use on isolated networks with written authorization.

In plain English

Zphisher is an automated phishing toolkit, a tool that creates fake login pages designed to look like real websites in order to capture someone's credentials when they try to log in. It comes with more than 30 ready-made templates imitating login pages for popular services. The tool is described as intended for educational purposes, specifically to demonstrate how phishing attacks work, and the author states they are not responsible for misuse. Phishing is a type of cyber attack where someone is tricked into entering their username and password on a fake version of a website they trust. Tools like this are sometimes used in security training and penetration testing, authorized testing of a system's defenses, but carry significant legal risk if used without permission. Zphisher is written in Bash (a scripting language for command-line use) and runs on various Linux environments. It supports several methods for making the fake page accessible from outside a local network, including tunneling services (Cloudflared and LocalXpose), and includes URL masking to make the malicious link look more legitimate. It also supports Docker for easier deployment. Dependencies are installed automatically on first run.

Copy-paste prompts

Prompt 1
Explain how zphisher chooses between Cloudflared and LocalXpose for tunneling and the trade offs for a controlled lab.
Prompt 2
List the prebuilt templates in zphisher and map each one to the legitimate login page it imitates.
Prompt 3
Walk me through running zphisher inside Docker on a private CTF network so nothing leaks to the public internet.
Prompt 4
Help me write a corporate policy paragraph that defines when running a tool like zphisher is allowed inside our company.

Frequently asked questions

What is zphisher?

A Bash phishing toolkit with 30 plus prebuilt fake login page templates, intended for authorized security training and red team awareness demos.

What language is zphisher written in?

Mainly HTML. The stack also includes Bash, HTML, Docker.

How hard is zphisher to set up?

Setup difficulty is rated easy, with roughly 5min to a first successful run.

Who is zphisher for?

Mainly ops devops.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Scan in gitsafehub Deploy in gitdeployhub htr-tech on gitmyhub

Verify against the repo before relying on details.