# Social Engineering Plan

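## Spear Phishing (Email)

### Lure Content Planning

#### **Target Interest Analysis**

#### **Target Recent Activity Analysis**

#### **Phishing Copy Writing**

### Email HTML Template Creation

### Sender Address Disguise

#### **Registering a Mailbox Account on the Same Mail Service**

#### **Look-Alike Domain Registration: EvilURL**

#### **Sender Spoofing: swaks, third-party sending APIs**

### Email Security Gateway Bypass

#### **Anti-Spoofing Capability Check: SpoofCheck**

#### **Phishing Link Detection Bypass: URL redirect vulnerabilities on whitelisted domains**

#### **Sending Rate Control**

#### **High-Reputation Email Sending Services**

### Bulk Phishing Email Delivery Management Systems: FiercePhish, Gophish, king-phisher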

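## On-Site Delivery

### Wireless Network Attacks

#### **Wireless Password Cracking: NetHunter, WiFi Master Key (万能钥匙)**

#### **Traffic Hijacking and Injection: BDFProxy**

### BadUSB HID Attacks

#### **Hardware Selection: USB flash drives with the ps2303 chip, Raspberry Pi Zero W, Teensy development boards, others**

#### **Firmware: P4wnP1, Psychson, USB-Rubber-Ducky, 360GhostTunnel**

### Storage Media Attacks: optical discs, USB flash drives, and portable hard drives carrying trojan-infected files

### Physical Intrusion: ID card forgery, access control defeat, role playing, identity disguise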

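## Watering Hole Attacks

### Planting Malicious Code on Frequently Visited Websites

#### **Industry and Organization Websites: websites, forums, blogs**

### Planting Malicious Files in Open Directories

#### **Industry and Organization Open Directories: cloud drives, shared directories**

### Browser Attack Frameworks

#### **Beef**

#### **Browsersploit**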

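## Supply Chain Attacks

### General Software Supply Chain Attacks

#### **Software Download/Update Source Hijacking**

**Installation Source Attacks: pip/apt-get source hijacking**

**Development Tool Backdoors: case XcodeGhost**

**Operations Tool Backdoors: cases XshellGhost, putty**

**Backdoors in Cracked and Chinese-Localized Software**

**Backdoors in Vote-Manipulation, Censorship-Circumvention, and Video Player Tools**

#### **Infrastructure Backdoor Exploitation**

**Network Device Backdoors**

**IoT Device Backdoors**

### Software Outsourcing Vendor Attacks

#### **Source Code Attacks (svn, patch servers)**

#### **Third-Party Resource Attacks (component libraries, JS libraries, JS ad code)**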

