Posted On:email phishing Archives - Pentest Geek
It’s been a little over a year since I started phishing full time with Phishing Frenzy and there is no looking back now. The project has really come a long way since I first started with it. I can’t thank the community enough for all the support and contributions along the way. Phishing today seems more enjoyable than ever before and I owe a lot of that gratification to Phishing Frenzy.
If you haven’t had a chance to checkout the project, I highly recommend you do and get involved. We are always seeking new templates to be added to our official gallery for the entire community to use, tweak and share.
The development and addition of new features within Phishing Frenzy (PF) continues to grow. Some of these latest upgrades and email phishing features come from a lot of feedback that I have obtained from the community. Thank you all for the great feedback regarding PF.
Recently PF was converted and upgraded to run the latest version of bootstrap. Previously PF was running bootstrap version 2 and was missing out on some of the latest bootstrap features. The conversion was fairly long and painful, but the end result is very pleasing.
A couple weeks ago I presented at this years Derbycon on an email phishing platform that I have been working on. The web application is geared towards penetration testers who want to help streamline the creation and management of email phishing campaigns. The application is written in ruby on rails and is available for download on the Github repository: Phishing Frenzy.
For those of you who came out to my presentation, I appreciate you all getting up so early (Saturday 9am) to hear my talk. Those of you who missed the talk I went over some of the features of Phishing Frenzy and launched a live phishing simulation. You can see the recording below thanks to irongeek. If your looking to see just the demo, fast forward to 11:52.
When performing email phishing engagements my clients often ask or want to know what users actually clicked on the phishing email. There are many ways to accomplish this task, but I’m going to discuss the method I use to track each unique visitor to my phishing website.
I prefaced this article in one of my previous blog posts “How do I phish” where I discuss using a ruby script I call sendmail.rb. There is nothing special or magical about the script, it just offers an alternative way to send phishing emails that will assist in tracking each unique visit to your phishing website. There is also value in knowing the CIO or some other C-level executive was just phished.
I’m often times asked how I perform email email phishing attacks. Email phishing attacks are very compelling, and unique to each situation. The process of creating a successful email phishing campaign is very methodical, and most of the time and effort goes up front into the planning phase.
Understanding that good security is a multilayer approach and we will have many layers of security that could potentially destroy our email phishing campaign. Some of these layers may include Email Gateway Spam Filters, Outlook ‘Junk Email’ Filters, Host based Antivirus, Intrusion Prevention Systems, Web Proxy Servers, Egress filtering, and the list goes on and on.
Get The Code:
This is just a quick post to highlight some of the new features added to the developmental branch of Jigsaw with SQLite3 support. In order to use this tool you’ll need to first install the ‘sqlite3-ruby’ gem. I do all of my ruby development using version 1.9.2 installed via RVM, so I recommend a similar environment because In my experience installing gems can be tricky when not using RVM.
$gem install sqlite3-ruby
The help menu says that you can write to a database instead of a CSV file by using the -D option and specify the name of the .db file you want to output too.
Sometimes when you fill the role of a consultant you never know what type of engagements will be thrown your way. How can you train someone to expect the unexpected with computer security. The topic is so huge, and there is so much to learn in this gigantic sea of knowledge.
Recently I was sent on an engagement in Trinidad while it’s country was in a state of emergency. I had never traveled international before so I was required to get a passport. I had to expedite my passport since I was supposed to be in Trinidad in less than a week. Once the passport arrived, I was smooth sailing; so I thought.
I missed my flight to Trinidad which was supposed to leave Minnesota around 9am CST. I panicked and thought I would never find a flight to Trinidad in time. I called my travel agent and was very surprised to find there was an afternoon flight heading to Trinidad. The only catch was that it had a six hour layover in Newark, New Jersey and the connecting flight to Trinidad was between 12am – 6am EST. I didn’t have any other options at this point, so I took it.
Follow Pentest Geek
Subscribe to Pentest Geek
- How To Install Metasploit Framework Ubuntu 14.04
- How to Install Nmap From Source
- Another Lap Around Microsoft LAPS
- Credential Harvesting via MiTM – Burp Suite Tutorial
- SSL Certificate from letsencrypt.org – Setup Guide
- Forensics and Incident Response
- Information Gathering
- Penetration Testing Tutorials
- Web Applications