Completed
Intro
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Phishing - Going from Recon to Credentials
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 "Phishing is the attempt to acquire sensitive information...by masquerading as a trustworthy entity in an electronic communication." - Wikipedia Phishing
- 3 Types of Attacks • Phishing - Usually no specific targets and for monetary gain • Spear Phishing - specific individuals or groups • Whaling - targeting executives
- 4 Setup and Deploy - Domain & Email • Domain Registration • Mass Mailers • Open Relays for the target domain
- 5 Setup and Deploy - Web • Web Server Setup • Web Site Cloning • Web Application Development
- 6 Responses / Post Exploitation • Credential Harvesting - testing credentials • Additional phishing attacks from trusted accounts • Malware - Connecting to botnet/shells and maintaining persistence • E…
- 7 Preparation User Awareness & Periodic Testing Detection & Analysis Alerts, Mail Proxies Containment, Eradication and Recovery Have a plan that is ready and tested
- 8 SpeedPhish Framework - SPF • Automates common tasks needed to perform a phishing exercise • Written in Python • Full/Partial automation • Can make use of external tools if available
- 9 Future Features • Company Profiler
