| |||||
| |||||
Search Irongeek.com:
Help Irongeek.com pay for bandwidth and research equipment: |
This presentation will start by quickly exploring some of the common phishing attack tools and techniques. During the presentation, audience participation will be encouraged in the form of providing examples and personal experience in what phishing techniques people have used and what would be desirable to include in a phishing tool. Additionally, there will be a demo of a new tool which can assist penetration testers in quickly deploying phishing exercises in minimal time. The tool, when provided minimal input (such as just a domain name), can automatically search for potential targets, deploy multiple phishing websites, craft and send phishing emails to the targets, record the results, and generate a basic report. The tool can either work in a stand alone fashion or make use of external tools (such as theHarvester, BeEf, and Recon-NG) if available. Adam Compton currently works as a penetration tester and has over 20 years of infosec experience, 15 years as a penetration tester. He has worked in both the government and private sectors for a variety of customers ranging from domestic and international governments, multinational corporations, and smaller local business.
Eric Gershman is currently working on the security team for a group that manages large systems that enable researchers to do "Big Science". Prior to working in security Eric pursued a bachelors degree in Information Technology at the University of Central Florida. During his time at UCF, he worked as a technician on a large help desk, research intern for an Anti-Virus company and finally as a Linux Systems Administration for several Department of Defense projects.
15 most recent posts on Irongeek.com:
|
If you would like to republish one of the articles from this site on your
webpage or print journal please contact IronGeek.
Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast