Hack Tools

PhEmail – Open Source E-mail Phishing Tool

By root

Posted on December 17, 2017

PhEmail is a python based email phishing tool that automates the process of sending phishing emails as part of a social engineering test.

The main purpose of PhEmail is to send a bunch of phishing emails and prove who clicked on them without attempting to exploit the web browser or email client but collecting as much information as possible.

PhEmail comes with an engine to gather email addresses through LinkedIn, useful during the information gathering phase. Also, this tool supports Gmail authentication which is a valid option in case the target domain has blacklisted the source email or IP address. And, this tool can be used to clone corporate login portals in order to steal login credentials.

Usage:

Usage: phemail.py [-e <emails>] [-m <mail_server>] [-f <from_address>] 
[-r <replay_address>] [-s <subject>] [-b <body>]

-e      emails: File containing list of emails (Default: emails.txt)

-f      from_address: Source email address displayed in FROM field of the email 
        (Default: Name Surname <[email protected]>)

-r      reply_address: Actual email address used to send the emails in case that 
        people reply to the email (Default: Name Surname <[email protected]>)

-s      subject: Subject of the email (Default: Newsletter)

-b      body: Body of the email (Default: body.txt)

-p      pages: Specifies number of results pages searched (Default: 10 pages)

-v      verbose: Verbose Mode (Default: false)

-l      layout: Send email with no embedded pictures

-B      BeEF: Add the hook for BeEF

-m      mail_server: SMTP mail server to connect to

-g      Google: Use a google account username:password

-t      Time delay: Add deleay between each email (Default: 3 sec)

-R      Bunch of emails per time (Default: 10 emails)

-L      webserverLog: Customise the name of the webserver log file 
        (Default: Date time in format "%d_%m_%Y_%H_%M")

-S      Search: query on Google

-d      domain: of email addresses

-n      number: of emails per connection (Default: 10 emails)

-c      clone: Clone a web page

-w      website: where the phishing email link points to

-o      save output in a file

-F      Format (Default: 0):

        0- firstname surname

        1- [email protected]

        2- [email protected]

        3- [email protected]

        4- [email protected]

        5- [email protected]

        6- [email protected]
        
        7- [email protected]

        8- [email protected]

        9- [email protected]

Examples:

phemail.py -e emails.txt -f "Name Surname " -r "Name Surname " -s "Subject" 
-b body.txt

phemail.py -S example -d example.com -F 1 -p 12

phemail.py -c https://example.com

Download PhEmail

Related Items:email phishing tool, how to use phemail, phemail, PhEmail - Open Source E-mail Phishing Tool, phemail tutorial

MrHacker

PhEmail – Open Source E-mail Phishing Tool

Usage:

Examples:

Latest News

FBI Seizes BreachForums Again, Urges Users to Report Criminal Activity

Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days

The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield

Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries

Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia

Links

Pin It on Pinterest