CredSniper – Phishing Framework with 2FA Token Support

Easily launch a new phishing site fully presented with SSL and capture credentials along with 2FA tokens using CredSniper. The API provides secure access to the currently captured credentials which can be consumed by other applications using a randomly generated API token.


  • Fully supported SSL via Let’s Encrypt
  • Exact login form clones for realistic phishing
  • Any number of intermediate pages
    • (i.e. Gmail login, password and two-factor pages then a redirect)
  • Supports phishing 2FA tokens
  • API for integrating credentials into other applications
  • Easy to personalize using a templating framework



You can install and run automatically with the following command:

$ git clone
$ cd CredSniper
~/CredSniper$ ./

Then, to run manually use the following commands:

~/$ cd CredSniper
~/CredSniper$ source bin/activate
(CredSniper) ~/CredSniper$ python --help

Note that Python 3 is required.


Add Comment