Description: This talk will go over the latest features in the open source phishing tool King Phisher. Some of the latest features offer more advanced templating of both emails and site content. The talk will demonstrate building customized phishing pretexts and specialized scenarios. This talk will also demonstrate the latest visualizations offered by King Phisher which allow the campaign information to be more easily analyzed. This talk will discuss how messages are classified as spam and how it can be avoided using King Phishers SPF integration. Finally the talk will conclude with a demonstration using a server page template to collect credentials and perform a CSRF attack against a targeted page.
Brandan Geise is a Security Consultant at SecureState, specializing in Physical Penetration Tests, Physical Security Assessments and Social Engineering. He holds GIAC’s GCFA and GWAPT certifications, as well as the Social Engineering Pentest Professional (SEPP) certification. In his free time Brandan enjoys honing his lock picking skills, hardware hacking, and researching methods of bypassing physical security control devices. Spencer McIntyre is an avid open source enthusiast and has made contributions to a variety of projects most notably including Metasploit and Scapy.
For More Information Please Visit: - http://bsidescle.com
http://www.irongeek.com/i.php?page=videos/bsidescleveland2015/mainlist
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.