SpearPhisher – A Simple Phishing Email Generation Tool

SpearPhisher is a simple point and click Windows GUI tool designed for (mostly) non-technical people who would like to supplement the education and awareness aspect of their information security program. Not only is it useful to non-technical folks, penetration testers may find it handy for sending quick and easy ad-hoc phishing emails. The tool supports specifying different sending names and email addresses, multiple recipients via TO, CC, BCC, and allows bulk loading with one recipient email address per line in a file. It allows customization of the subject, adding one attachment, and SSL support for SMTP enabled mail servers. One of the popular features with our client is the WYSIWYG HTML editor that allows virtually anyone to use the tool; previewing results as you point and click edit your malicious email body. If you want to add custom XSS exploits, client side attacks, or other payloads such as a Java Applet code generated by the Social Engineer Toolkit (SET), its split screen editor allows more advanced users to edit HTML directly.

An open relay is not necessarily required as many mail servers allow authenticated users to spoof email. This is the beta release of the tool and has been tested in limited environments.

The tool can be downloaded from the TrustedSec Tools page located:

https://www.trustedsec.com/files/SpearPhisherBETA.zip

Enjoy and use the tool responsibly!

Explore More

Critical SQL Injection (vulnerability) on The New Era Journal http://khitpyaing.org/

PlanetCreator.Net’s Security Team Member has reported another critical SQL Injection (vulnerability) on The New Era Journal http://khitpyaing.org/ These are some information from Vulneral Site http://khitpyaing.org/ : his vulnerability has been

Trace an Email

How to trace email addresses Method 1 So, have you ever wanted someones I.P address? but there is no standard way of getting it, today i will be teaching you

What are the various features of snort?

Snort has the following features: * It detects threats, such as buffer overflows, stealth port scans, CGI attacks, SMB probes and NetBIOS queries, NMAP and other port scanners, well-known backdoors