Skip to content

The fastest tool for analyzing and dumping WhatsApp accounts (in ~15s).

Notifications You must be signed in to change notification settings

AmirAvram/whatstrapp

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

WhatsTrapp

WhatsTrapp video

Introduction

WhatsTrapp is a tool for analyzing and dumping WhatsApp accounts.

Requirements

  • Node.js >= 8.0
  • Yarn
  • Docker
  • Docker Compose

Installation

Clone the repository:

$ git clone git@github.com:Wicker25/whatstrapp.git
$ cd whatstrapp/

Install all the dependencies for the project:

$ yarn

Create the Elasticsearch and Kibana's containers:

$ docker-compose pull

Trying it out

Start the Elasticsearch and Kibana's containers with:

$ docker-compose up

Launch the WhatsTrapp server with:

$ yarn start

Then open your browser at http://127.0.0.1:8025/ and wait until the QR code has been loaded.

Launch the target's WhatsApp and, from the main menu, select "WhatsApp Web".

Finally, take a picture of the QR code and enjoy it!

Data Analysis

Launch Kibana by opening your browser at http://127.0.0.1:5601/.

Set the Index Pattern as wt-* and click on "Create" (the pattern is valid only after you collected some data!).

kibana-create-index

Now you can open the Discover page and visualize the collected data.

kibana-example

Architecture

The WhatsTrapp's architecture consists of a Puppeteer, Puppets, and Clients:

WhatsTrapp architecture

  • The Puppeteer launches the browser instance by using Google Puppeteer and injects a Puppet into it;
  • The Puppet is a JavaScript that performs actions in the WhatsApp Web page;
  • The Client is the user interface used by the attacker for performing the hack.

All of the components communicate with each other via WebSocket.

About

The fastest tool for analyzing and dumping WhatsApp accounts (in ~15s).

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 100.0%