A similar tool - Lockphish - is available on GitHub. It is convincing, and a user in a hurry can be easily tricked Lockphish is a tool for phishing the lock screen, designed to grab Windows credentials, Android PIN, and iPhone Passcode using a https link

It looks convincing with Windows, too. However, the user name can't be dynamically obtained, so by default, it's "just" Adminstrator.

literally least believable lockscreen.

cringe

With how multiple devices using Fingerprint / Face ID rn, i don't think this is practical Not to mention you would also need to get the correct skin for the lockscreen.

Fingerprint and Face ID are on smartphones always created with PIN/Password or pattern combination. Creating custom or set of the most common lockscreen phishing pages is not really a problem if an attacker is motivated.

Creepy

Only with PIN... If is a dot pattern still works?

This works only with pin and passwords, however, I guess it wouldn't be a problem to implement dot pattern. I believe that if this would be implemented, then it would be the first phishing that utilizes smartphone lock-screen pattern phishing.

It's not generating ngrok link ...!

This tool is old and obsolete, I had to generate the link manually.