Phemail.py: Phishing EMail Social Engineering Tool - Hacking Tools Download Download Hacking Tools at 'Tools Yard': Phemail.py: Phishing EMail Social Engineering Tool

Phemail.py: Phishing EMail Social Engineering Tool

Labels:
, , , ,

Social Engineering is defined as the process of inducing people into giving away access or confidential information. From a security consultant point of view this topic is not new and there are many tools which can be used against the target.

phemail.py - Phishing EMAIL. The main purpose of this tool is to prove who clicked on the phishing email without attempting to exploit the web browser but collecting as much information as possible. For this reason it will be 100% undetectable by any antivirus and it will obtain sufficient data to have an initial proof of concept for the client.
Phemail.py Phishing EMail Social Engineering Tool
Steps to use Phemail.py:
  1. Find corporate email addresses: Phemail has an option for harvesting corporate email addresses and save them to a file. Phemail.py leverages Google to search for LinkedIn specific corporate e-mail targets.
  2. Create a phishing email template: You get to create your own custom phishing templates. Do not forget to add the string “{0}” in each URL as the script will replace this string with the correct URL automatically.
  3. Host/upload a single PHP file: This file contains JavaScript code which attempts to collect web browser information and save it in a log file in /tmp directory.
  4. Run the php file as shown in the following example: # phemail.py -e test-emails.txt -f "Tax report " -r "Tax Report " -s "Important information about your tax" -b body.txt -w http://YOUR-WEBSITE.com


Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .
Subscribe Top Hacker Stories via email

Posted by Mohit Kumar at Thursday, August 16, 2012  

The Hacker News - Daily Updates