New Features and Updates from GoPhish for Security Awareness Training

Introduction

GoPhish is an easy-to-use and affordable phishing simulator that you can add to your phishing awareness training program. Unlike some other popular phishing simulators, GoPhish is updated frequently with new features. In this article, we look at some of the most notable new features since version 0.9.0.

New Features

  • Trusted origins added to the CSRF handler. GoPhish now allows trusted_origins to be configured in the config.json file. This lets you add the addresses you expect incoming connections to originate from. It is useful when an upstream load balancer handles TLS termination instead of the application.

  • Introduced attachment tracking by adding GoPhish template variables to several file types that can be attached to emails. For example, it is possible to include "Hello {{.FirstName}}, please click here: {{.URL}}" in a Word document, or to add tracking pixels to documents. This lets you know when users open the attached files or enable macros in Office documents. GoPhish supports these file extensions: docx, docm, pptx, xlsx, xlsm, txt, html, and ics.

  • Added the ability to specify the envelope sender in templates. If left blank, it falls back to the SMTP-From in the Sender settings. This can be used to pass SPF checks while still sending a spoofed email.

  • Implemented a password policy for administrators and removed the default password "gophish". Instead, the initial password is now randomly generated and displayed in the terminal when Gophish is first started. If needed, the initial password and API key can be overridden using environment variables.

  • Added support for webhooks. By configuring a webhook, Gophish can now send HTTP requests to an endpoint you control. These requests include the JSON body of the event, which is the same JSON you would receive through the API. This gives you real-time updates on the events of your ongoing campaigns.

  • Introduced the ability to configure IMAP details in Gophish, which allows campaign emails to be retrieved and marked as reported.
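
For the webhook item above, a receiver should authenticate each request before trusting the event it carries. The following is an added example, not code from this article or from the Gophish project: it assumes the `X-Gophish-Signature: sha256=<hex>` HMAC-SHA256 header described in Gophish's webhook documentation and event field names as in the API's event JSON; the secret, address and event values are constructed.

```python
import hashlib
import hmac
import json

# Header name assumed from Gophish's webhook documentation (not stated on this page).
SIGNATURE_HEADER = "X-Gophish-Signature"

# Constructed sample, not captured traffic: secret, address and event are placeholders.
SAMPLE_SECRET = b"constructed-webhook-secret"
SAMPLE_BODY = json.dumps({
    "campaign_id": 1,
    "email": "user@example.com",
    "time": "2020-01-20T17:33:55.553906Z",
    "message": "Clicked Link",
    "details": "",
}).encode()


def sign(secret: bytes, body: bytes) -> str:
    """Build the header value the sender attaches: 'sha256=<hex HMAC-SHA256>'."""
    return "sha256=" + hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify_and_parse(secret: bytes, headers: dict, body: bytes):
    """Return the parsed event if the signature matches, otherwise None."""
    # HTTP header names are case-insensitive, so normalise before lookup.
    lowered = {k.lower(): v for k, v in headers.items()}
    scheme, _, digest = lowered.get(SIGNATURE_HEADER.lower(), "").partition("=")
    if scheme != "sha256" or not digest:
        return None  # unsigned or unknown scheme: reject before touching the body
    # Compute the MAC over the raw bytes as received, never over re-serialised JSON.
    expected = hmac.new(secret, body, hashlib.sha256).hexdigest().encode()
    # compare_digest avoids leaking the mismatch position through timing.
    if not hmac.compare_digest(expected, digest.strip().lower().encode()):
        return None
    try:
        event = json.loads(body)
    except ValueError:
        return None
    return event if isinstance(event, dict) else None


if __name__ == "__main__":
    headers = {SIGNATURE_HEADER: sign(SAMPLE_SECRET, SAMPLE_BODY)}
    print(verify_and_parse(SAMPLE_SECRET, headers, SAMPLE_BODY))
    print(verify_and_parse(SAMPLE_SECRET, headers, SAMPLE_BODY + b" "))
```

Because the events contain recipient addresses, the endpoint should also be served over TLS and the shared secret kept out of source control.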

Conclusion

With these new features, you can run a more secure and more effective GoPhish. With further releases to come, GoPhish will remain an essential tool for organizations that want to strengthen their phishing awareness training.