EPISODE · Oct 12, 2019 · 50 MIN
7MS #384: Creating Kick-Butt Credential-Capturing Phishing Campaigns
from 7 Minute Security · host Brian Johnson
In this episode I talk about some things I learned about making your own kick-butt cred-capturing phishing campaign and how to do so on the (relatively) quick and (relatively) cheap! These tips include: Consider this list of top 9 phishing simulators. Check out GoPhish! Then spin up a free tier Kali AWS box Follow the instructions to install GoPhish and get it running on your AWS box Use the Expired Domains site to buy up a domain that is similar to your victim - maybe just one character off - but has been around a while and has a good reputation Add a G Suite or O365 email account (or whatever email service you prefer) to the new domain Create a convincing cred-capturing portal on GoPhish - I used some absolutely disguisting and embarassing HTML like this (see show notes on 7ms.us): Use this awesome article to secure your fancy landing page with a LetsEncrypt cert! Have fun!!!
NOW PLAYING
7MS #384: Creating Kick-Butt Credential-Capturing Phishing Campaigns
No transcript for this episode yet
Similar Episodes
Jul 14, 2026 ·77m
Jun 20, 2026 ·31m
Jun 20, 2026 ·24m
Jun 20, 2026 ·42m
Jun 20, 2026 ·26m
Jun 20, 2026 ·22m