├── .gitignore ├── 01-钓鱼攻击资源 ├── README.md └── SpoofWeb-master.zip ├── 02-钓鱼攻击技术 └── README.md ├── 03-钓鱼攻击工具 └── README.md ├── 04-钓鱼漏洞研究 └── README.md ├── 05-钓鱼技术参考 └── README.md └── README.md /.gitignore: -------------------------------------------------------------------------------- 1 | 2 | *.pdf 3 | *.pptx 4 | -------------------------------------------------------------------------------- /01-钓鱼攻击资源/README.md: -------------------------------------------------------------------------------- 1 | # 01-钓鱼攻击资源 2 | 3 | 01-钓鱼攻击资源 4 | 5 | -------------------------------------------------------------------------------- /01-钓鱼攻击资源/SpoofWeb-master.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Getshell/Phishing/f5d6e3ca5a8d32a202d8311331f35fa65f81a0b6/01-钓鱼攻击资源/SpoofWeb-master.zip -------------------------------------------------------------------------------- /02-钓鱼攻击技术/README.md: -------------------------------------------------------------------------------- 1 | # 02-钓鱼攻击技术 2 | 3 | 02-钓鱼攻击技术 -------------------------------------------------------------------------------- /03-钓鱼攻击工具/README.md: -------------------------------------------------------------------------------- 1 | # 03-钓鱼攻击工具 2 | 3 | 03-钓鱼攻击工具 4 | 5 | -------------------------------------------------------------------------------- /04-钓鱼漏洞研究/README.md: -------------------------------------------------------------------------------- 1 | # 04-钓鱼漏洞研究 2 | 3 | 04-钓鱼漏洞研究 4 | 5 | -------------------------------------------------------------------------------- /05-钓鱼技术参考/README.md: -------------------------------------------------------------------------------- 1 | # 05-钓鱼技术参考 2 | 3 | 05-钓鱼技术参考 4 | 5 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Phishing-网络钓鱼攻击 2 | 3 | ![Phishing](https://socialify.git.ci/Getshell/Phishing/image?description=1&descriptionEditable=Phishing-%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8%E9%92%93%E9%B1%BC%E7%A0%94%E7%A9%B6&font=Bitter&forks=1&issues=1&name=1&owner=1&pattern=Circuit%20Board&pulls=1&stargazers=1&theme=Light) 4 | 5 | 钓鱼不仅是一种户外运动,更是一种有效的网络安全攻击技术。本项目用于记录网络钓鱼攻击的相关内容,包括优秀的钓鱼技术工具技巧或优秀的钓鱼实战项目案例等。钓鱼攻击源于技术,又高于技术。钓鱼攻击源于欺骗,有高于欺骗。深入研究并积极实践社工技术,在很多实战项目中往往可以产生意想不到的结果!作者:[0e0w](https://github.com/0e0w) 6 | 7 | 本项目创建于2021年8月16日,最近的一次更新时间为2025年4月13日。 8 | 9 | - [01-钓鱼攻击资源](https://github.com/Getshell/Phishing#01-%E9%92%93%E9%B1%BC%E6%94%BB%E5%87%BB%E8%B5%84%E6%BA%90) 10 | - [02-钓鱼攻击技术](https://github.com/Getshell/Phishing#02-%E9%92%93%E9%B1%BC%E6%94%BB%E5%87%BB%E6%8A%80%E6%9C%AF) 11 | - [03-钓鱼攻击工具](https://github.com/Getshell/Phishing#03-%E9%92%93%E9%B1%BC%E6%94%BB%E5%87%BB%E5%B7%A5%E5%85%B7) 12 | - [04-钓鱼漏洞研究](https://github.com/Getshell/Phishing#04-%E9%92%93%E9%B1%BC%E6%BC%8F%E6%B4%9E%E7%A0%94%E7%A9%B6) 13 | - [05-钓鱼技术参考](https://github.com/Getshell/Phishing#05-%E9%92%93%E9%B1%BC%E6%8A%80%E6%9C%AF%E5%8F%82%E8%80%83) 14 | 15 | ## 01-钓鱼攻击资源 16 | 17 | 一、钓鱼书籍 18 | - [ ] [《Phishing Dark Waters: The Offensive and Defensive Sides of Malicious Emails》](https://lira.epac.to/DOCS-TECH/Hacking/Phishing/Phishing%20Dark%20Waters.pdf) 19 | - [ ] [《The Phishing Guide Understanding & Preventing Phishing Attack》](https://nsi.org/ReferenceLibrary/630.pdf)@IBM 20 | 21 | 二、钓鱼文章 22 | - [ ] https://xz.aliyun.com/t/12682 23 | - [ ] https://xz.aliyun.com/t/12247 24 | - [ ] https://xz.aliyun.com/t/12020 25 | - [ ] https://xz.aliyun.com/t/11980 26 | - [ ] https://xz.aliyun.com/t/11898 27 | - [ ] https://xz.aliyun.com/t/11885 28 | - [ ] https://xz.aliyun.com/t/11655 29 | - [ ] https://xz.aliyun.com/t/11519 30 | - [ ] https://xz.aliyun.com/t/11400 31 | - [ ] https://xz.aliyun.com/t/12247 32 | - [ ] https://xz.aliyun.com/t/11400 33 | - [ ] https://xz.aliyun.com/t/11471 34 | - [ ] https://xz.aliyun.com/t/11300 35 | - [ ] https://xz.aliyun.com/t/10878 36 | - [ ] https://xz.aliyun.com/t/10339 37 | - [ ] https://xz.aliyun.com/t/9549 38 | - [ ] https://xz.aliyun.com/t/9159 39 | - [ ] https://xz.aliyun.com/t/8705 40 | - [ ] https://xz.aliyun.com/t/7958 41 | - [ ] https://xz.aliyun.com/t/6763 42 | - [ ] https://xz.aliyun.com/t/6325 43 | - [ ] https://xz.aliyun.com/t/5412 44 | - [ ] https://xz.aliyun.com/t/4556 45 | - [ ] https://xz.aliyun.com/t/3526 46 | - [ ] https://xz.aliyun.com/t/153 47 | - [ ] https://xz.aliyun.com/t/12879 48 | - [ ] https://xz.aliyun.com/t/13287 49 | - [ ] https://www.freebuf.com/news/374367.html 50 | - [ ] https://www.ibm.com/cn-zh/topics/phishing 51 | - [ ] https://baike.baidu.com/item/%E7%BD%91%E7%BB%9C%E9%92%93%E9%B1%BC/1401858 52 | - [ ] [什么是网络钓鱼?](https://info.support.huawei.com/info-finder/encyclopedia/zh/%E7%BD%91%E7%BB%9C%E9%92%93%E9%B1%BC.html) 53 | - [ ] https://www.kaspersky.com.cn/resource-center/definitions/spear-phishing 54 | - [ ] https://powerdmarc.com/zh/phishing-vs-spoofing/ 55 | - [ ] https://powerdmarc.com/zh/why-is-phishing-so-effective/ 56 | - [ ] https://www.secrss.com/articles/50739 57 | - [ ] https://www.secrss.com/articles/27115 58 | - [ ] https://help.eset.com/ems/6/zh-CN/antiphishing.html 59 | - [ ] https://www.zhihu.com/question/348776633 60 | - [ ] https://www.4hou.com/posts/nmOP 61 | - [ ] https://www.51cto.com/article/223380.html 62 | - [ ] https://www.wangan.com/wenda/7497 63 | - [ ] [网络钓鱼-101-关于网络钓鱼攻击的初学者指南](https://hackernoon.com/zh/%E7%BD%91%E7%BB%9C%E9%92%93%E9%B1%BC-101-%E5%85%B3%E4%BA%8E%E7%BD%91%E7%BB%9C%E9%92%93%E9%B1%BC%E6%94%BB%E5%87%BB%E7%9A%84%E5%88%9D%E5%AD%A6%E8%80%85%E6%8C%87%E5%8D%97) 64 | - [ ] http://www.cnetsec.com/article/32731.html 65 | - [ ] https://www.icann.org/resources/pages/phishing-2013-05-03-zh 66 | - [ ] https://academy.binance.com/zh/articles/what-is-phishing 67 | - [ ] https://www.freebuf.com/tag/%E7%BD%91%E7%BB%9C%E9%92%93%E9%B1%BC 68 | - [ ] https://www.freebuf.com/defense/397029.html 69 | 70 | 三、钓鱼项目 71 | - [ ] https://github.com/topics/phishing 72 | - [ ] https://github.com/tib36/PhishingBook 73 | - [ ] https://github.com/kgretzky/evilginx2 74 | - [ ] https://github.com/rev1si0n/another-tmp-mailbox 75 | - [ ] https://github.com/makdosx/mip22 76 | - [ ] https://github.com/SkewwG/henggeFish 77 | - [x] https://github.com/taielab/Taie-AutoPhishing 78 | - [ ] https://github.com/winezer0/FishingAutoMonitor 79 | - [ ] https://github.com/5icorgi/SpoofWeb 80 | - [ ] https://github.com/bingpo/FishingAutoMonitor 81 | - [ ] https://www.freebuf.com/news/374367.html 82 | - [ ] https://github.com/Ignitetch/AdvPhishing 83 | - [ ] https://github.com/UndeadSec/SocialFish 84 | - [ ] https://github.com/rsmusllp/king-phisher 85 | - [ ] https://github.com/richardsonjf/shellphish 86 | - [ ] https://github.com/pentestgeek/phishing-frenzy 87 | - [ ] https://github.com/polkadot-js/phishing 88 | - [ ] https://github.com/ybdt/fish-hub 89 | - [ ] https://github.com/A10ha/EmailSender 90 | - [ ] https://app.zerossl.com 91 | 92 | ## 02-钓鱼分析系统 93 | 94 | 一、钓鱼平台 95 | - [ ] https://github.com/gophish/gophish 96 | - [ ] https://github.com/Raikia/FiercePhish 97 | - [ ] https://github.com/pow1e/pfish 98 | 99 | 二、网站仿冒 100 | 101 | 三、域名注册 102 | 103 | 四、证书认证 104 | 105 | ## 03-钓鱼邮件系统 106 | 107 | 一、邮件系统 108 | 109 | 二、发送邮件 110 | 111 | - https://github.com/chenjj/espoofer 112 | - https://github.com/Jinnrry/PMail 113 | - https://github.com/SkewwG/henggeFish 114 | - https://github.com/sumerzhang/PhishingInstall 115 | 116 | 二、钓鱼邮件模板 117 | 118 | - https://github.com/criggs626/PhishingTemplates 119 | 120 | 五、鱼钩隐藏技术 121 | 122 | ## 04-钓鱼免杀系统 123 | 124 | 九、文件捆绑 125 | 126 | - https://forum.butian.net/share/1778 127 | 128 | ## 05-钓鱼漏洞研究 129 | 130 | - https://github.com/komomon/CVE-2022-30190-follina-Office-MSDT-Fixed 131 | - https://github.com/j5s/CVE-2021-40444 132 | 133 | ## 06-钓鱼技术参考 134 | 135 | - https://github.com/Getshell/BypassAV 136 | 137 | [![Stargazers over time](https://starchart.cc//Getshell/Phishing.svg)](https://starchart.cc/Getshell/Phishing) --------------------------------------------------------------------------------