A Phishing toolkit is a set of scripts/programs that allows a phisher to automatically set up Phishing websites that spoof the legitimate websites of different brands including the graphics (i.e., images and logos) displayed on these websites. Phishing toolkits are developed by groups or individuals and are sold in the underground economy. These sophisticated kits are typically difficult to obtain, are quite expensive, and are more likely to be purchased and used by well-organized groups of phishers, rather than average users.
Phishers use PHP (Hypertext Preprocessor) to develop Phishing kits. PHP is a general-purpose scripting language that was originally designed for building dynamic webpages. PHP code is embedded in the HTML source and interpreted by a web server with the help of a PHP processor module.
Most Phishing kits are advertised and distributed at no charge. These kits, also called DIY (Do It Yourself) Phishing kits, may hide backdoors through which the phished information is sent to recipients (possibly the authors of the kits) other than the intended users.
The following are a few examples of such toolkits:
1. Rock Phish: It is a Phishing toolkit popular in the hacking community since 2005. It allows non-techies to launch Phishing attacks. The kit allows a single website with multiple DNS names to host a variety of phished webpages, covering numerous organizations and institutes.
2. Xrenoder Trojan Spyware: It resets the homepage and/or the search settings to point to other websites, usually for commercial purposes or porn traffic.
3. Cpanel Google: It is a Trojan Spyware that modifies the DNS entry in the hosts file to point to its own website. If Google gets redirected to its website, a netizen may end up seeing a version of the website prepared by the phisher.