Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-phishing
https://github.com/H4CK3RT3CH/awesome-phishing
- SSL vs TLS vs STARTTLS
- Two-Factor Authentication for Beginners
- How to encrypt email (Gmail, Outlook iOS, OSX, Android, Webmail)
- Part 3: How to Set up SPF and DKIM with Postfix on Ubuntu Server
- How to Set Up DKIM in 3 Simple Steps
- Authenticated Received Chain Overview
- The "iprev" Authentication Method
- How To Set Up Your Author Domain Signing Practices (HISTORIC)
- Spamtrap 101: What they Are, Why You Hit Them, & What to Do About It
- Classify emails into ham and spam using Naive Bayes Classifier
- Filtering Spam Using Naive Bayes
- Using SpamAssassin
- Sieve Tutorial
- The CRM114 & Mailfilter HOWTO
- fdm/MANUAL
- Nolisting: Poor Man's Greylisting
- Setting up an email honeypot spamtrap, malware, malspam trap.
- How to Add Antivirus and Spam Protection to Postfix Mail Server with ClamAV and SpamAssassin – Part 3
- Email Greylisting. How does greylisting work?
- DNSBL (DNS Black List)
- OSINT: How to find information on anyone
- Use buscador osint vm for conducting online investigations
- Using PGP Keys For OSINT
- Open-Source Intelligence (OSINT) Reconnaissance
- A Guide to Open Source Intelligence Gathering (OSINT)
- OSINT Resources for 2019
- Compilation of recon workflows
- Going phishing with terraform
- Building resilient phishing campaign infrastructure
- Practical Phishing with Gophish
- Strengthen Your Phishing with Apache mod_rewrite and Mobile User Redirection
- Invalid URI Redirection with Apache mod_rewrite
- Expire Phishing Links with Apache RewriteMap
- Operating System Based Redirection with Apache mod_rewrite
- Combatting Incident Responders with Apache mod_rewrite
- Serving Random Payloads with NGINX
- Curi0usJack .htaccess
- Red Team Infrastructure Wiki
- Complete guide creating and hosting phishing page for beginners
- Automating gophish releases
- Mail Server Setup
- Safe red team infrastructure
- Automated red team infrastructure deployment with terraform - part 1
- Automated red team infrastructure deployment with terraform - part 2
- Infrastructure for ongoing red team operations
- Latest Trends in Cybersquatting
- Phishing with Unicode Domains
- Help spear phishing
- Phishing with Cobaltstrike
- Spear Phishing 101
- Evilginx - Advanced Phishing with Two-factor Authentication Bypass
- Evilginx 2 - Next Generation of Phishing 2FA Tokens
- Simulated Phishing Educational Campaign Guide
- Conducting USB Drop Tests With GoPhish
- Luckystrike a database backed evil macro generator
- Powershell empire stagers 1 phishing with an office macro and evading avs
- Executing metasploit empire payloads from ms office documemt properties part 1 of 2
- Executing metasploit empire payloads from ms office documemt properties part 2 of 2
- Phishing against protected view
- Phishing with powerpoint
- Phishing with empire
- Abusing microsoft word features phishing subdoc
- Phishing against protected view
- csv injection
- Excel macros with powershell
- Powerpoint and custom actions
- Macroless malware that avoids detection with yara rule)
- Hacking into whatsapp series part 2 phishing
- Macro-less code exec in msword
- Multi-platform macro phishing payload
- Whats the go to phishing technique or exploit
- MetaPhish: PDF Infection, Web SpearPhishing, TOR abuse & communications
- Microsoft office ntlm hashes via frameset
- Phishing Actor Using XOR Obfuscation Graduates to Enterprise Cloud Storage on AWS
- Kali tools list
- OSINT framework
- Whois
- HaveIBeenPwnd
- Creepy
- Maltego
- Shodan
- Censys
- TheHarvester
- Recon-ng
- TinEye
- SearX
- Evilginx2
- GoReport
- Phishbuckets
- Lure
- Social Engineering Toolkit
- King Phisher
- FiercePhish
- ReelPhish
- Fishing Cat Server
- GoPhish
- LUCY
- CredSniper
- PwnAuth
- sptoolkit
- SpearPhisher
- Wifiphisher
- Ares
- Phishing-frenzy
- SPF
- Phishing pretexts
- Mercure
- Metasploit
- Cobalt strike
- PoT - Phishing On Twitter
- Domain Hunter
- BlackEye
- SocialFish
- The Browser Exploitation Framework
- LuckyStrike
- Shellter
- msfvenom
- The Backdoor Factory
- Veil framework
- Phishing Dark Waters: The Offensive and Defensive Sides of Malicious Emails
- Phishing for Phools: The Economics of Manipulation and Deception
- Scam Me If You Can: Simple Strategies to Outsmart Today's Rip-off Artists
- Phishing: Detection, Analysis And Prevention
- Social Engineering: The Science of Human Hacking
- Don't Step in the Trap: How to Recognize and Avoid Email Phishing Scams
- Asset Attack Vectors: Building Effective Vulnerability Management Strategies to Protect Organizations
- Cyberpsychology: The Study of Individuals, Society and Digital Technologies
- Stealing Your Life: The Ultimate Identity Theft Prevention Plan
- Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information
- Swiped: How to Protect Yourself in a World Full of Scammers, Phishers, and Identity Thieves
- Spam Nation: The Inside Story of Organized Cybercrime - from Global Epidemic to Your Front Door
- Darknet diaries: The hack
- YouTube Impersonation Scams Offering Fake Rewards are Running Wild
- Tainted Leaks: Disinformation and Phishing With a Russian Nexus
- Nile Phish: Large-Scale Phishing Campaign Targeting Egyptian Civil Society
- Exposing One of China’s Cyber Espionage Units
- Grizzly Steppe - Russian Malicious Cyber Activity
- Analysing a massive Office 365 phishing campaign
- Gmail Phishing Campaign Racking Up Victims
- Spying on a Budget: Inside a Phishing Operation with Targets in the Tibetan Community
- An OSINT Analysis of the Elon Musk Bitcoin Scam
- Reckless Redux: Senior Mexican Legislators and Politicians Targeted with NSO Spyware
- Reckless Exploit: Mexican Journalists, Lawyers, and a Child Targeted with NSO Spyware
- Shifting Tactics: Tracking changes in years-long espionage campaign against Tibetans
- Packrat: Seven Years of a South American Threat Actor
- How millions of DSL modems were hacked in Brazil, to pay for Rio prostitutes
- Cloned RFE/RL phishing website in Uzbekistan
- Chinese hackers steal Gmail passwords: Google
- The RSA Hack: How They Did It
- Catching phishing before they catch you
- The Web's Identity Crisis: Understanding the Effectiveness of Website Identity Indicators
- Does Domain Highlighting Help People Identify Phishing Sites?
- Email Phishing Protection Guide – Blog 19: Email Phishing Protection Security Checklist
- Backtrack phishing email using Open-source intelligence gathering
- Phishing - Advanced URL Analysis - Obfuscation, Clickjacking and OSINT Gathering
- Blunting the phishers spear: A risk-based approach
- Deconstructing the Phishing Campaigns that Target Gmail Users
- How to Recognize Phishing Emails
- What can be learned from a phishing domain
- Dealing with cybersquatting, typosquatting and phishing
- Ichthyology-phishing-as-a-science
- DeepPhish: Simulating Malicious AI
- Why Phishing Works
- PhishEye: Live monitoring of sandboxed phishing kits
- Phishnet: predictive blacklisting to detect phishing attacks
- The current state of phishing attacks
- Resurgence of Phishing-as-a-Service (PhaaS) platforms
- Phishing in the public cloud: You’ve been served
- Decoys, Phishing, and the Cloud: The Latest Fan-out Effect
- Targeted Attacks Abusing Google Cloud Platform Open Redirection
- Understanding User Behaviors When Phishing Attacks Occur
- Weaponizing data science for social engineering: Automated E2E spear phishing on Twitter
- Do security toolbars actually prevent phishing attacks?
- Large-scale automatic classification of phishing pages
- Social phishing
- Phishing for phishing awareness
- A Framework for Detection and Measurement of Phishing Attacks
- PHISHING DETECTION VIA ANALYTIC NETWORKS
- Evasive Phishing Driven by Phishing-as-a-Service
- There Is No Free Phish: An Analysis of" Free" and Live Phishing Kits.
- PHISHING FACTORIES AND ECONOMIES
- The Economy of Phishing: A Survey of the Operations of the Phishing Market
- Phishing Filosophy: Some philosophy to consider before launching a phishing test against your own company
- Mitre ATT&CK: Spearphishing link
- Mitre ATT&CK: Spearphishing attachment
- Mitre ATT&CK: Spearphishing via service
- KnowBe4 info site
- OWASP: Social Engineering
- Anti-Pharming 101: What are pharming attacks?
- HackBack: A DIY Guide
- A DIY Guide for those without the patience to wait for whistleblowers
- Google Phishing Quiz
- OpenDNS Phishing Quiz
- PhishTank
- PhishBank
- Defcon 24: Phishing without failure and frustation
- TedX: This is what happens when you reply to spam email
- VirusTotal
- mx toolbox
- TedX: Phishing for phools
- The OSINT-ification of ISIS on the Dark Web
- Amazing mind reader reveals his gift
Programming Languages
Keywords
phishing
7
python
5
security
5
hacking
3
pentesting
3
ruby
2
rails
2
email
2
heroku
1
fishing-cat
1
cat
1
golang
1
gophish
1
penetration-testing
1
netsec
1
phishing-frenzy
1
rails-phishing-framework
1
bdf
1
capstone
1
elf
1
file-infector
1
macho
1
pe
1
campaign
1
undead
1
pentest
1
educational
1
king-phisher
1
subdomain-enumeration
1
redteam
1
reconnaissance
1
recon
1
osint
1
information-gathering
1
emails
1
discovery
1
blueteam
1
redirector
1
red-team
1
infrastructure
1
empire
1
cobalt-strike
1
veil
1
evasion
1
antivirus
1