Teach a Man to Phish
PHISHING SCHOOLA Decade of Distilled Phishing WisdomI decided to give away all of my phishing secrets for free. I realized at some point that I have been giving away phishing secrets for years, but only to select individuals, and only one at a time. That method of knowledge dissemination is terribly ... Read More
Sleeping With the Phishes
PHISHING SCHOOLHiding C2 With Stealthy Callback ChannelsWrite a custom command and control (C2) implant — Check ✅Test it on your system — Check ✅Test it in a lab against your client’s endpoint detection and response (EDR) product — Check ✅Convince a target to download the payload — Check ✅Get your hard earned shell… — Nada! Nil! Goose Egg! ❌What happened?If we’ve written a custom implant, and ... Read More
Deep Sea Phishing Pt. 2
PHISHING SCHOOLMaking Your Malware Look Legit to Bypasses EDRI wanted to write this blog about several good techniques for endpoint detection and response (EDR) evasion; however, as I was writing about how to evade EDRs, I was hit with an epiphany:💡“EDR evasion is all about looking like legitimate software” — ph3eds, 2024Boom! That’s it! ... Read More
Deep Sea Phishing Pt. 1
PHISHING SCHOOLHow to Bypass EDR With Custom PayloadsIf endpoint detection and response (EDR) protections keep blocking your phishing payloads, you really should learn how to write custom payloads. If you’ve never written a custom payload, this is a great place to start. If you have some experience with custom payloads, I ... Read More
Phish Out of Water
PHISHING SCHOOLBypassing Web Proxies so Your Phish Don’t SuffocateYou just fought long and hard to convince a user to click on your link. They are dying to know about the contents of your macro enabled excel file. So, don’t let web proxies ruin your fun by blocking your payload! We ... Read More
Drink Like a Phish
PHISHING SCHOOLHow to Make Your Phishing Sites Blend InAs you read this, bots are coming to find and destroy your phishing sites. You need to protect them before it’s too late! But how?A phishing page is no good if our targets never get to see it. After bypassing the secure email gateway, ... Read More
Like Shooting Phish in a Barrel
PHISHING SCHOOLBypassing Link CrawlersYou’ve just convinced a target user to click your link. In doing so, you have achieved the critical step in social engineering:Convincing someone to let you in the door!Now, we just have a few more technical controls that might get in the way of us reeling in our catch ... Read More
I Will Make you Phishers of Men
PHISHING SCHOOLConvincing Targets to Click Your LinksWhen it comes to phishing advice, the number one question I get from co-workers is “what campaigns are you using?”. People see my success, and wish to emulate it. Well, if a phish is what you wish, I would like you to meet my friend Ish:Who ... Read More
Feeding the Phishes
PHISHING SCHOOLBypassing Phishing Link FiltersYou could have a solid pretext that slips right by your target secure email gateway (SEG); however, if your link looks too sketchy (or, you know, “smells phishy”), your phish could go belly-up before it even gets a bite. That’s why I tend to think of link ... Read More
Fly Phishing
PHISHING SCHOOLHow to Bypass SPAM FiltersIf you have ever written the word “click” in a phishing email, then trust me; You need my help.Be honest with me.Have you ever written the word “click”, or “upgrade”, or “w-2” in the body of a phishing email?If so, you have committed a cardinal sin in the phishing ... Read More
