Ever since the first version of SET (have to give Dave props since it is "his" conference) the open source community has embraced the need for phishing tools. Tools like: PhishingFrenzy, Ice-hole, Phemail, Spf, SET, etc. are good and serve their purpose but are they the best bang for the buck? We will compare open source technologies to PHaaS technologies and make the case that for large (500+ emails - easy for a corporation to hit) PHaaS is the best option. Time permitting we will demonstrate how to use PHaaS to do the broad scan and opensource tools to do the exploitation. Note I do not have any ties with the vendor/solutions discussed in this talk, I am simply a user that likes the tools and the value add they bring to a phishing engagement.
Cyber Security Geek 20 yrs of experience - god I am old One look at me and you can tell, I am lazy! Don't worry about offending - I am and own up to it. Because I am lazy, I have always looked at ways to improve on processes to include looking at the "busines side" of how to make things easier and more efficient. Spoke at DerbyCon 3, various Bsides, and taught various classes - what does this mean to? You won't be bored in my talk. Cuddly and soft - love hugs, money ... and beer I welcome getting any/all of them.
If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek