From 516e226fb14869341a75e796ca286567c6628850 Mon Sep 17 00:00:00 2001
From: Muhammad Talha Khan <MTK911@users.noreply.github.com>
Date: Fri, 22 Feb 2019 22:41:39 +0500
Subject: [PATCH] Create README.md

---
 payloads/Windows Phisher/README.md | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 payloads/Windows Phisher/README.md

diff --git a/payloads/Windows Phisher/README.md b/payloads/Windows Phisher/README.md
new file mode 100644
index 0000000..cc84dc6
--- /dev/null
+++ b/payloads/Windows Phisher/README.md	
@@ -0,0 +1,28 @@
+# Windows Phisher
+
+### Description:
+
+#### Windows_Phisher.ino:<br>
+Windows credential phisher, Works by running powershell script and pausing for 1 minute before asking for username and password. Popup only
+goes away after valid credentials are given if so credentials are sent to webhook.site from where they can be later retrieved from remote 
+location. Orignal concept stolen from [Nishang](https://github.com/samratashok/nishang/blob/master/Gather/Invoke-CredentialsPhish.ps1)<br>
+
+**Instructions:**<br>
+Before using it make sure the WebHook.site hook is set in payload which you will find almost at the end of the script. Also the 
+current time is set for 1 minute you can increase the time to your requirement in "start-sleep -s" which you will find at the start of script.<br>
+
+**Tested on:**<br>
+**OS**: Windows 10|8|7<br>
+**User**: Admin/Normal User<br>
+**Hardware**: ATtiny85 (Chinese)
+
+### Requirements:
+**Password Grabber**: https://webhook.site/ or any other request reflector of your choice<br>
+**Internet Access**
+
+### Screenshot
+<kbd>
+  <img src="https://i.ibb.co/Hh0jchC/pop.png">
+</kbd><kbd>
+  <img src="https://i.ibb.co/rGVSVSg/site.png">
+</kbd>