New phishing websites are setup every few seconds with intentions on stealing your credentials, infecting your system, or convincing you via social engineering. Most of these sites are distributed and deployed through (mostly crude) automation which usually results in attackers leaving their kits behind. During this talk we will walk through what phish kits are, why they are important for security research, and how you can automate identifying these kits in the wild.

Josh Rickard serves as a security research engineer at Swimlane. He is a GIAC Certified Windows Security Administrator (GCWN) and GIAC Certified Forensic Analyst (GCFA). He has a diverse background ranging from system administration to digital forensics and incident response to managing teams and products. As a Windows security expert, Josh focuses on creating tools to help defend and automate everyday processes using PowerShell and Python. You can engage with Josh via his blog, letsautomate.it, or Twitter at @MSAdministrator.

@MSAdministrator

Back to Derbycon 2019 video list