Python黑客的开源网络“钓鱼”工具，愿者上钩！

除此之外，PhEmail还支持Gmail身份验证，这一功能在目标站点屏蔽了邮件源或IP地址的情况下会非常有用。值得一提的是，该工具还可以克隆目标组织或企业的门户网站登录界面，测试人员可以用这些伪造的页面来窃取目标用户的登录凭证。

使用样例

一般来说，第一步是收集目标企业的邮箱地址。PhEmail的搜索引擎在收集到了企业邮箱地址之后，会将它们保存在一个文件中，演示代码如下：

PHishing EMAIL tool v0.13 Usage: phemail.py [-e ] [-m] [-f ] [-r ] [-s] [-b ] -e emails: File containing list of emails(Default: emails.txt) -f from_address: Source emailaddress displayed in FROM field of the email (Default: Name Surname) -r reply_address: Actual emailaddress used to send the emails in case that people reply to the email(Default: Name Surname ) -s subject: Subject of theemail (Default: Newsletter) -b body: Body of the email(Default: body.txt) -p pages: Specifies number ofresults pages searched (Default: 10 pages) -v verbose: Verbose Mode(Default: false) -l layout: Send email with noembedded pictures -B BeEF: Add the hook for BeEF -m mail_server: SMTP mailserver to connect to -g Google: Use a google accountusername:password -t Time delay: Add deleaybetween each email (Default: 3 sec) -R Bunch of emails per time(Default: 10 emails) -L webserverLog: Customise thename of the webserver log file (Default: Date time in format"%d_%m_%Y_%H_%M") -S Search: query on Google -d domain: of email addresses -n number: of emails perconnection (Default: 10 emails) -c clone: Clone a web page -w website: where the phishingemail link points to -o save output in a file -F Format (Default: 0): 0- firstname surname 1- firstname.surname@example.com 2- firstnamesurname@example.com 3- f.surname@example.com 4- firstname.s@example.com 5-surname.firstname@example.com 6- s.firstname@example.com 7- surname.f@example.com 8- surnamefirstname@example.com 9- firstname_