A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Phishing Without Ruby - Brandan Geise Spencer McIntyre coldfusion39 Bsides Cleveland 2015 (Hacking Illustrated Series InfoSec Tutorial Videos)

Phishing Without Ruby
Brandan Geise Spencer McIntyre coldfusion39

This talk will go over the latest features in the open source phishing tool King Phisher. Some of the latest features offer more advanced templating of both emails and site content. The talk will demonstrate building customized phishing pretexts and specialized scenarios. This talk will also demonstrate the latest visualizations offered by King Phisher which allow the campaign information to be more easily analyzed. This talk will discuss how messages are classified as spam and how it can be avoided using King Phishers SPF integration. Finally the talk will conclude with a demonstration using a server page template to collect credentials and perform a CSRF attack against a targeted page.

Brandan Geise is a Security Consultant at SecureState, specializing in Physical Penetration Tests, Physical Security Assessments and Social Engineering. He holds GIAC’s GCFA and GWAPT certifications, as well as the Social Engineering Pentest Professional (SEPP) certification. In his free time Brandan enjoys honing his lock picking skills, hardware hacking, and researching methods of bypassing physical security control devices. Spencer McIntyre is an avid open source enthusiast and has made contributions to a variety of projects most notably including Metasploit and Scapy.


Back to Bsides Cleveland 2015 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast