WGET

wget https://github.com/login --mirror --page-requisites --convert-links --adjust-extension --domains --no-parent

wget flag meaning:

  • β€”mirror = turns on recursion and time-stamping, sets infinite recursion depth and keeps FTP directory listings
  • β€”page-requisites = download all the files that are necessary to properly display a given HTML page including inlined images, sounds, and referenced stylesheets
  • β€”convert-links = convert the links in the document to make them suitable for local viewing (ie: relative paths)
  • β€”adjust-extension = ensures html and css pages included the .html and .css extensions after downloading
  • β€”domains <TARGET_URL_SUBDOMAIN> = domains to be followed; we don’t need to follow external domains since we’ll already have absolute paths to them
  • β€”no-parent = don’t go up to the parent directory when retrieving files recursively

SingleFile

This is my favorite tool to use when attempting to clone a website. This Firefox/Chrome extension is not only open-sourced, but you can also get it in the Google Chrome Store or the Firefox Extensions.

Its as simple as just clicking on the SingleFile Icon to save the current page as a single file.

On the left we we have the original web page and on the right after clicking on the Single file Icon the file is saved to the downloads file and we can begin to modify the HTML file to use in a phishing engagement.

  • The images are converted to base64 and saved within the file. Make sure to change this as in past engagements this has caused my domain to be marked as suspicious

Resources:

TitleURL
placeholder

Also Check Out:

  • PLACEHOLDER