Masked Panda is a lightweight, educational Python tool designed for URL masking and optional shortening. It demonstrates how phishing attackers disguise malicious links by exploiting browser URL parsing behavior (e.g., https://legitimate-site@[email protected]).
This tool is intended strictly for educational and security awareness purposes, such as penetration testing, red team exercises, or demonstrating social engineering risks in controlled environments.
- Interactive mode with colorful ASCII banner
- Pre-defined templates for common platforms:
- Command-line interface (CLI) support:
-fbor--facebook→ Applies Facebook login mask-instaor--instagram→ Applies Instagram login mask
- Optional integration with Bitly URL shortener (requires a valid access token)
- Automatic dependency installation on first run
- Clean, user-friendly output with masked URL ready for copying
This tool is provided for educational and authorized security testing purposes only.
The author (0xp4panda) and contributors bear no responsibility for any misuse, illegal activity, or harm caused by using this software.
Phishing, unauthorized access, fraud, or any form of cybercrime is strictly prohibited and may result in severe legal consequences under applicable laws (e.g., Computer Fraud and Abuse Act, EU Cybercrime Directive, etc.).
By using Masked Panda, you agree to:
- Use it only in environments where you have explicit permission
- Never target individuals or systems without written authorization
- Comply with all local and international laws
The author disclaims any liability for misuse.
- Python 3.6 or higher
- Internet connection (for optional Bitly shortening and dependency installation)
Clone the repository and make the script executable:
git clone https://github.com/SecureWithUmer/Masked-Panda.git
cd Masked-Panda
chmod +x Masked-Panda.py
./Masked-Panda