Search Results For ""
Track User Clicks when Email Phishing
![Track User Clicks when Email Phishing](https://www.pentestgeek.com/wp-content/uploads/icons/jackass-johnny-knoxville-1.jpg)
When performing email phishing engagements my clients often ask or want to know what users actually clicked on the phishing email. There are many ways to accomplish this task, but I’m going to discuss the method I use to track each unique visitor to my phishing website.
I prefaced this article in one of my previous blog posts “How do I phish” where I discuss using a ruby script I call sendmail.rb. There is nothing special or magical about the script, it just offers an alternative way to send phishing emails that will assist in tracking each unique visit to your phishing website. There is also value in knowing the CIO or some other C-level executive was just phished.
NetLM Downgrade Attacks with Metasploit
![NetLM Downgrade Attacks with Metasploit](https://www.pentestgeek.com/wp-content/uploads/icons/jackass-johnny-knoxville-1.jpg)
Metasploit Module [1]
Recently I added a post exploit module to the metasploit framework that will help automate the NetLM Downgrade attack. If you are not familiar with the attack, I highly suggest you read the following article by Dave Howard before continuing.
The purpose of this article is not to describe the NetLM attack, but rather demonstrate how the post exploit module functions and how it can save time on a pentest or even get you that next step in order to take over the network.
Jigsaw.rb Now With SQLite3 Database Support
![Jigsaw.rb Now With SQLite3 Database Support](https://www.pentestgeek.com/wp-content/uploads/icons/100x100_1234788350_2.jpg)
Get The Code:
https://github.com/pentestgeek/jigsaw/tree/dev
This is just a quick post to highlight some of the new features added to the developmental branch of Jigsaw with SQLite3 support. In order to use this tool you’ll need to first install the ‘sqlite3-ruby’ gem. I do all of my ruby development using version 1.9.2 installed via RVM, so I recommend a similar environment because In my experience installing gems can be tricky when not using RVM.
[crayon show-plain-default=”true”]
$gem install sqlite3-ruby
[/crayon]
The help menu says that you can write to a database instead of a CSV file by using the -D option and specify the name of the .db file you want to output too.
Read More
Share This
Recent Posts
- Playing With the New Burp Suite REST API
- Burp Suite 2.0 Beta Review
- Attacking Palo Alto Networks PAN-OS ‘readSessionVarsFromFile()’
- GPG Errors While Updating Kali Linux
- Installing Kali NetHunter on HTC Nexus 9
Subscribe To Our Mailing List
The Ultimate Burp Suite Training Program
Learn Network Penetration Testing
Penetration Testing
Categories
- AWBS
- Burp Suite
- Definitions
- Forensics and Incident Response
- Information Gathering
- Metasploit
- Penetration Testing Tutorials
- Phishing
- Presentations
- Tools
- Web Applications
- Wireless