How to create a phishing email - Part 2

In this expedition edition of the Exploring Information Security podcast, Chris Maddalena a senior security consultant joins me to discuss how to create a phishing email.

Chris (@cmaddalena) joins me to discuss crafting a phishing email. This is something I've recently explored at work. Having little to no experience actually crafting a phish, I decided I'd go to someone who does this on a regular basis. Check out Chris' ODIN tool for automating intelligence gathering, asset discovery, and reporting.

In this episode we discuss:

  • What are the technical steps to creating a phish
  • What needs to be consider from a technical standpoint
  • What is GoPhish and GoReporter
  • How important is timing

Other resources:

How to create a phishing email - Part 1

In this expedition edition of the Exploring Information Security podcast, Chris Maddalena a senior security consultant joins me to discuss how to create a phishing email.

Chris (@cmaddalena) joins me to discuss crafting a phishing email. This is something I've recently explored at work. Having little to no experience actually crafting a phish, I decided I'd go to someone who does this on a regular basis. Check out Chris' ODIN tool for automating intelligence gathering, asset discovery, and reporting.

In this episode we discuss:

  • What you need to consider before creating a phish.
  • Where to get phishing ideas.
  • Where to get phishing templates.
  • What happened when accounting sent out an email.

How to build a malicious link clicker

In this clicking on that link episode of the Exploring Information Security podcast, Daniel Ebbutt and Kyle Andrus join me to discuss how to build a machine that is used to click on malicious links.

Daniel (@notdanielebbutt) and Kyle (@chaoticflaws) are two of the people I go to when I need to have a better understanding of what a malicious link does. They're passion for clicking on links is out of this world. They also provide some really good insights into the work of clicking on links most people shouldn't. I asked if they'd be willing to walk me through building out a machine that could help me do what they do. They kindly obliged and thus another open mic podcast is born.

In this episode we discuss:

  • How to click on a malicious link
  • What we can learn from clicking on a malicious link
  • What the best setup is for clicking on a malicious link
  • What to do with that information