Information Gathering Password Attacks Pentesting Tools Web Application

Weeman v1.7 – HTTP Server for Phishing

HTTP server for phishing in python. (and framework) Usually you will want to run Weeman with DNS spoof attack. (see dsniff, ettercap).


  • 1.7 – is out 25-03-2016
  • Added profiles
  • Weeman framework 0.1 is out !!!
  • Added command line options.
  • Beautifulsoup dependency removed.

Weeman will do the following steps:

  1. Create fake html page.
  2. Wait for clients
  3. Grab the data (POST).
  4. Try to login the client to the original page

The framework
You can use weeman with modules see examples in modules/ , just run the command framework to access the framework.
Write a module for the framework
If you want to write a module please read the modules/. Soon I will write docs for the API.
You can load profiles in weeman, for example profile for mobile site and profile for desktop site.

./ -p mobile.localhost.profile


  • Python <= 2.7.


  • Linux (any)
  • Mac (Tested)
  • Windows (Not supported)

Contributions are very welcome!

  1. fork the repository
  2. clone the repo (git clone [email protected] :USERNAME/weeman.git)
  3. make your changes
  4. Add yourself in contributors.txt
  5. push the repository
  6. make a pull request

Thank you – and happy contributing!

Download at Github

Post Comment