Finding Someone's Location with Seeker

⚠️ Disclaimer:

This guide is for ethical hacking and cybersecurity learning only. Always obtain permission from targets. Misuse may result in legal consequences.

🛠️ What is Seeker?

Seeker is an open-source tool developed by TheWhiteH4t that can generate a fake web page to socially engineer and capture the victim’s location using their device’s geolocation feature.

🧰 Requirements

Linux OS (Kali Linux or Ubuntu preferred)
Python 3
Git
Ngrok (for hosting externally)

🪜 Step-by-Step Guide

🔹 1. Install Seeker

Open your terminal and run:

git clone https://github.com/thewhiteh4t/seeker.git
cd seeker/
chmod +x install.sh
./install.sh

🔹 2. Run Seeker

Make sure Python 3 is installed, then run:

##################
# Usage Examples #
##################

# Step 1 : In first terminal
$ python3 seeker.py

# Step 2 : In second terminal start a tunnel service such as ngrok
$ ./ngrok http 8080

###########
# Options #
###########

# Ouput KML File for Google Earth
$ python3 seeker.py -k <filename>

# Use Custom Port
$ python3 seeker.py -p 1337
$ ./ngrok http 1337

# Pre-select a specific template
$ python3 seeker.py -t 1

🌐 Setting Up External Access with Ngrok

🔹 3. Download Ngrok

Open a browser and visit https://ngrok.com. Sign in or register, then:

Copy the download link for Linux.
In the terminal, run:

curl -sSL https://ngrok-agent.s3.amazonaws.com/ngrok.asc \
  | sudo tee /etc/apt/trusted.gpg.d/ngrok.asc >/dev/null \
  && echo "deb https://ngrok-agent.s3.amazonaws.com buster main" \
  | sudo tee /etc/apt/sources.list.d/ngrok.list \
  && sudo apt update \
  && sudo apt install ngrok

🔹 4. Authenticate Ngrok

Get your auth token from your Ngrok dashboard and run:

ngrok config add-authtoken 22VSdPVkLSe5meidCxV6r4uKaSv_3BJPSS3z8PfrzhrkLLMHp

🎯 Create a Phishing Page

You can use custom templates in Seeker.

Seeker will ask for a YouTube video link (for disguise).
Paste the link when prompted.
Provide a site name and title (e.g., “Watch Now”, “Trending Video”).
Optionally, add an image URL and description.

🌍 Expose Localhost to the Internet

In a new terminal window:

ngrok http http://localhost:8080

Ngrok will generate a public forwarding link. This is the URL you will share with your "victim" (legally and ethically!).

📲 Delivering the Link

Options:

Send the Ngrok URL directly
Convert it into a QR code using any generator (e.g., https://www.qr-code-generator.com/)
Use URL shorteners for better disguise

📌 Capture Location Data

Once the target opens the link and gives browser permission:

Seeker logs their latitude, longitude, device info, and ISP details
A clickable Google Maps link will be available

📌 Note for Cybersecurity Students

This is a classic social engineering attack using a fake landing page. It’s commonly used in red teaming and penetration testing assessments to test user awareness.

🎓 Educational Use Only

Do NOT use Seeker for:

Stalking
Unauthorized tracking
Spying

Use it in legal penetration tests, CTFs, and lab environments only.

PreviousIPPSEC's Video Search for Hacking Methods NextNishang Project

Last updated 10 months ago

hashtag📍 How to Use Seeker to Get Location via Social Engineering (Educational Purpose)

hashtag⚠️ Disclaimer:

hashtag🛠️ What is Seeker?

hashtag🧰 Requirements

hashtag🪜 Step-by-Step Guide

hashtag🔹 1. Install Seeker

hashtag🔹 2. Run Seeker

hashtag🌐 Setting Up External Access with Ngrok

hashtag🔹 3. Download Ngrok

hashtag🔹 4. Authenticate Ngrok

hashtag🎯 Create a Phishing Page

hashtag🌍 Expose Localhost to the Internet

hashtag📲 Delivering the Link

hashtag📌 Capture Location Data

hashtag📌 Note for Cybersecurity Students

hashtag🎓 Educational Use Only

📍 How to Use Seeker to Get Location via Social Engineering (Educational Purpose)