7MS #482: Creating Kick-Butt Credential-Capturing Phishing Campaigns - Part 3
7 Minute Security26 Aug 2021

7MS #482: Creating Kick-Butt Credential-Capturing Phishing Campaigns - Part 3

Today we're continuing our discussion on phishing campaigns - including a technical "gotcha" that might redirect your phishing emails into a digital black hole if you're not careful!

As I mentioned last week, I've been heavy into spinning up and tearing down phishing campaigns, so I finally got around to documenting everything in episode 481.

This week I ran into a bizarre issue where test phishes to myself suddenly disappeared from my Outlook altogether! After chatting with some folks on Slack I did a message trace in the Exchange Admin Center under:

  • Mail flow > Message Trace > Start a trace then make the Sender field be the user you're sending phishing emails from. That showed me that my phishes were being quarantined!

To get around the quarantine, I went into Mail flow > Rules and then created a new rule with the following properties:

  • Apply this rule if > The sender's domain is > yourphishingdomain.com

Then under Do the following:

  • Set the spam confidence level (SCL) to...Bypass spam filtering

Under And, click the drop-down and choose:

  • Modify the message properties...set a message header...X-MS-Exchange-Organization-BypassClutter

Then click where it says Enter text and change header value to True and click OK.

Avsnitt(690)

7MS #81: OSWP-Part 2

7MS #81: OSWP-Part 2

A continuation of our thrilling, exciting, mind-blowing series on OSWP (Offensive Security Wireless Professional)!

30 Juli 20158min

7MS #80: OSWP-Part 1

7MS #80: OSWP-Part 1

This episode kicks off a multi-part series all about the OSWP (Offensive Security Wireless Professional) certification.

28 Juli 20157min

7MS #79.5: UPDATE(!) on My Love-Hate Relationship with Nessus

7MS #79.5: UPDATE(!) on My Love-Hate Relationship with Nessus

In episode #79 I shared some gripes about Nessus. Those gripes were quickly answered by Tenable staff/support so I wanted to pass relevant updates on to you!

27 Juli 20156min

7MS #79: My Love-Hate Relationship with Nessus

7MS #79: My Love-Hate Relationship with Nessus

In this episode I talk about one of my favorite vulnerability scanners, Nessus, and why I want to simultaneously hug it and punch it in the neck.

23 Juli 20157min

7MS #78: It's All About Segmentation

7MS #78: It's All About Segmentation

In this episode I advocate for proper network segmentation, as doing it (well and right!) can seriously reduce your risks!

21 Juli 20157min

7MS #77: OFFTOPIC-Rickrolling Your Coworkers for Fun and Profit

7MS #77: OFFTOPIC-Rickrolling Your Coworkers for Fun and Profit

This week i used my Wifi Pineapple to scare and amuse my coworkers and lure them into a Rickroll trap. All the gory details in today's episode!

16 Juli 20157min

7MS #76: Lessons Learned from LastPass

7MS #76: Lessons Learned from LastPass

I know this is a bit late, but I wanted to talk a little about the LastPass breach and why I'll still remain a customer.

14 Juli 20157min

7MS #75: OFFTOPIC-My Son's Piano Recital

7MS #75: OFFTOPIC-My Son's Piano Recital

I wanted to share (what I think is) an amusing anecdote about my son's first piano recital, which was topped off by a kid playing the song "Lucky." Many LOLs commenced for me.

9 Juli 20159min

Populärt inom Politik & nyheter

svenska-fall
p3-krim
rss-viva-fotboll
rss-krimstad
flashback-forever
fordomspodden
aftonbladet-daily
rss-vad-fan-hande
rss-sanning-konsekvens
olyckan-inifran
svd-dokumentara-berattelser-2
dagens-eko
motiv
rss-frandfors-horna
krimmagasinet
rss-krimreportrarna
svd-nyhetsartiklar
blenda-2
spar
kungligt