Warning: This guide is for educational purpose only! Do not misuse this guide.

In this tutorial I will teach you how you can make a phishing page which is undetectable (Which is able to bypass hosting security). So lets get started!!

Things you need:

  1. Notepad++
  2. A site of which you want to make a phishing page (In this tutorial we will use Facebook)
  3. Free Hosting Account, I recommend 000webhost (Highly Recommended)


For this guide I will use Facebook login to create a phishing page but you can use this method to on any site

  1. Go to Facebook login
  2. Right-Click on on the page and select “View Page Source” (OR press CTRL+U if you are using Google Chrome)
  3. Copy the source code in a notepad file and save it as “IDPAGE.jpg” on your desktop
  4. Now open the same (IDPAGE.jpg) and search for “action=” attribute in the  <Form>html, Like this:Action Attribute in Form HTML
  5. Replace /login.php?login_attempt=1&amp;lwv=101from the line  action="/login.php?login_attempt=1&amp;lwv=101" with ” data.php ” and save it
  6. Now create a new file with the name “data.php” and “index.php” and paste the following code in these files, You can get the code from here https://bit.ly/2skDaHv
  7. Copy the code from here https://bit.ly/2smjmDC and save it as “index.jpg
  8. Now upload all the files “IDPAGE.jpg“, “data.php“, “index.php“, and “index.jpg” in your webhosting account (Root directory)
  9. That’s it!! You have successfully created your first phishing page!!

How to use your phishing URL:

You can use your phishing URL with anyone all you have to do is, Add “?id=www.facebook.com” to your ULR

Note: Your URL should be look like this (Example) : http://www.YOUR_URL.com?id=www.facebook.com

If you have any queries then feel free to ask in the comment section below