Talkin' Bout [Infosec] News

Building a phishing engagement is hard. While the concept is straightforward, real-world execution is tricky. Being successful takes an enormous amount of up-front setup and knowledge of quickly evolving phishing tactics. While there is always a need to craft a custom email, most of the work is setting up the infrastructure to make it all work.

Wouldn’t it be nice if you had a playbook of how to set everything up to save time and prevent mistakes?

What if we coded this playbook so we could share this with others and modify our tactics when things change?

In this Black Hills Information Security (BHIS) webcast, we’re going to do just that. We will take a top-down look at how a phishing engagement is designed. Then we will work through coding this design, so we don’t have to keep building a phish. Lastly, we will touch on how to fly under the radar and how coding TTPs helps save time and guarantee accuracy.

Join the BHIS Community Discord: https://discord.gg/bhis

Music By Beau: https://www.nobandwidth.io

00:00 – FEATURE PRESENTATION: How to Build a Phishing Engagement – Coding TTP’s

01:06 – About Ralph May

01:58 – Disclaimers

03:19 – Overview

03:56 – Phishing is Hard

06:33 – Infrastructure

07:12 – Operational Security

08:39 – Designing a Phish

13:18 – Phishing Emails

15:48 – 1st Tool: EVILGINX2

17:30 – EVILGINX IOC’s

18:20 – 2nd Tool: GoPhish

19:08 – GoPhish IOC’s

20:52 – 3rd Tool: NGINX

Show Notes

  • (00:00) - FEATURE PRESENTATION: How to Build a Phishing Engagement - Coding TTP's
  • (01:02) - About Ralph May
  • (01:51) - Disclaimers
  • (03:06) - Overview
  • (03:43) - Phishing is Hard
  • (06:20) - Infrastructure
  • (06:59) - Operational Security
  • (08:26) - Designing a Phish
  • (13:01) - Phishing Emails
  • (15:29) - 1st Tool: EVILGINX2
  • (17:10) - EVILGINX IOC's
  • (18:00) - 2nd Tool: GoPhish
  • (18:48) - GoPhish IOC's
  • (20:31) - 3rd Tool: NGINX
  • (21:45) - 4th Tool: Digital Ocean Cloud Provider
  • (22:10) - 5th Tool: Mailgun Email Service
  • (22:52) - 6th Tool: CDN-Azure
  • (23:33) - Coding a Phish – 1st Tool: Ansible
  • (26:09) - 2nd Tool: Terraform
  • (28:36) - 3rd Tool: Docker
  • (30:22) - Combining Ansible and Terraform
  • (32:14) - Ansible Secrets
  • (34:04) - DEMO: Executing a Phishing Engagement
  • (41:57) - What's Next
  • (43:19) - QnA
  • (56:03) - PostShow Banter™ — Ohs and Ahs

What is Talkin' Bout [Infosec] News?

A weekly podcast with BHIS and Friends. We discuss notable infosec and infosec-adjacent news stories gathered by our community news team.
Join us live on YouTube, Mondays at 4:30 PM ET.