Skip to content

masterfrequency/Phantom-Whisper

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
__pycache__
__pycache__
 
 
README.md
README.md
 
 
phantom_whisper.py
phantom_whisper.py
 
 
phantom_whisper_banner.png
phantom_whisper_banner.png
 
 

Repository files navigation

🎭 Phantom-Whisper

Phantom Whisper Banner

"Invisibility is the ultimate weapon."

Phantom-Whisper is the ultimate Android Red Team Framework for 2026, designed for authorized penetration testing and educational purposes. It integrates AI-powered social engineering with a multi-vector Command & Control (C2) infrastructure to simulate advanced persistent threats (APTs) in mobile environments.

🚀 Quick Install (Termux)

Run this one-liner to install and start the framework in Termux:

pkg update && pkg upgrade -y && pkg install git python -y && git clone https://github.com/masterfrequency/Phantom-Whisper.git && cd Phantom-Whisper && pip install rich requests cryptography dnspython && python phantom_whisper.py

🚀 Autostart Setup

To make the app start automatically whenever you open Termux:

  1. Run the app: python phantom_whisper.py
  2. Select option [A] Setup Autostart from the main menu.
  3. Restart Termux.

🚀 Key Features

🎭 AI-Powered Social Engineering

  • Personality Matching: LLM-generated phishing content tailored to target profiles.
  • Voice Clone SMS: Integration for sophisticated pretexting.
  • Context-Awareness: Automated OSINT-based social engineering scenarios.

🌐 Covert C2 Channels

  • DNS Tunneling: Communication over legitimate DNS resolvers.
  • Social Steganography: Data hiding within social media image uploads.
  • Protocol Mimicry: HTTP traffic disguised as legitimate CDN requests.
  • QUIC Encryption: Secure channels with certificate pinning bypass.

📱 Android Persistence (No Root)

  • Accessibility Abuse: Silent operation via accessibility services.
  • Hybrid Persistence: Combination of Job Schedulers and Foreground Services.
  • PWA Hijacking: Stealthy installation through Chrome for legitimacy.

🔓 Credential Harvesting

  • Clipboard Monitoring: Smart filtering for sensitive data.
  • Screenshot OCR: Extraction of 2FA codes from screen captures.
  • WebView Injection: OAuth token theft via injected interfaces.

🕵️ Advanced Reconnaissance

  • Device Mapping: Permissionless Bluetooth and WiFi mapping.
  • Contact Graphing: Relationship scoring and social network analysis.
  • Usage Profiling: App pattern analysis for optimized engagement.

🛠️ Technical Overview

The framework is built on a modular Python architecture, utilizing asynchronous operations for high performance and low footprint.

Component Description
Core Asyncio-based event loop for concurrent task management.
Encryption Military-grade PBKDF2 + Fernet (AES-128-CBC) encryption.
UI Cyberpunk-themed terminal interface using the rich library.
Transport Pluggable transport layers (DNS, HTTP, QUIC).

⚠️ Disclaimer

FOR EDUCATIONAL AND AUTHORIZED PENETRATION TESTING ONLY. Unauthorized access to computer systems is illegal. Always obtain proper written authorization before using this framework. The developers assume no liability for misuse or damage caused by this tool.

About

Ultimate Android Red Team Framework 2026 - AI-Powered Social Engineering + Multi-Vector C2

Resources

Readme
Activity

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages