Phishing attacks are a prevalent threat against large or small organisations. As professionals in the security field we need to be able to give our clients the look and feel of what a real "bad guy" may do to attack an organisation.
Leverage Phishing Frenzy and BeEF on your next engagement to ensure your client is getting the most out of their assessment. With simple templates you can launch an effective phishing campaign in minutes, and thanks to the BeEF integration you’ll be hooking and exploiting browsers in no time.
Have you ever wondered what is the best pretext to use during your phishing campaign use-case? What about timeframes? We’ll discuss statistics based on real-world professional phishing engagements. We'll also entertain you with fun (and real) hacking stories involving phishing and client-side exploitation.
Expect some new code to be released during this talk:
- Phishing Frenzy and BeEF seamless integration (including geo location services, visual map representation, and browser finger-printing);
- A solid BeEF autorun engine based on exploitation templates;
- Exploit automation of common enterprise scenarios like Outlook Web Access, Citrix, HTA attacks and others.
With such an open source Swiss army knife in your tool-bag you can finally enjoy your coffee while waiting for credentials and shells.