Shellfish is a Linux based tool that is used to generate fake pages which are called phishing.

Phishing ​Attack is a fraud attempt to obtain sensitive information like usernames, passwords, credit card information, Bank Account Numbers, etc. Phishing is an example of a Social Engineering technique being used to deceive users.

Legal disclaimer:

Usage of Shellphish for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.

Requirements For Pc

1. Kali Linux or any other Linux Operating system.
2. Internet Connection.
3. Shell Phish that we will be using for this practical.
4. Firefox or and other browsers.

Requirements: For Mobile

  1. Termux from the play store.
  2. Mobile data / wifi connection.


git clone
cd shellphish

Steps For Mobile Phone Termux

  1. Open Termux App in Mobile
  2. Type ‘ pkg install git ‘.
  3. Now type ‘ got clone ‘.
  4. Last step is just type ‘ cd shellphish’ > ‘ bash ‘.

Now simply select the website which you want to use as your phishing site, then choose between ngrok or and share it with the victim.
You can also use a URL shortener to make it less suspicious, you can search on Google or you can use TinyURL.

Steps For Computer Kali Linux

  1. Open Kali Linux and then open the terminal
  2. type git clone
  3. get in directory type: cd shellphish
  4. bash


choose any option from above just by typing their number, e.g. if I want to make an Instagram phishing page, I will type (1) as insta is written on number one. and using any portforwding ngrok or ther openssd