Tag: phishing

Penetration Testing, Phishing, Social Engineering

Prepare your Debian server to host a phishing site

It should be noted that the following guide has been tested and it is working for Debian 8.5-8.6. Update your system sudo apt-get updatesudo apt-get update sudo apt-get dist-upgradesudo apt-get dist-upgrade Install MySQL sudo apt-get install mysql-serversudo apt-get install mysql-server Activate MySQL sudo mysql_install_dbsudo mysql_install_db Configure MySQL sudo /usr/bin/mysql_secure_installationsudo /usr/bin/mysql_secure_installation Install PHP sudo apt-get install …

Add-ons, Browsers, Firefox, Protection, Security

Firefox Anti-phishing addon

WorldIP is a Firefox Geo Add-on with security features and advanced network tools, anti-phishing mechanisms and protects against DNS spoofing and fake sites. It provides also all DNS records for a domain, the real location of the web server, the country and extended information about the datacenter. WorldIP provides the following information: – all IP …

Metasploit, Phishing

MSSQL Phishing with metasploit

Metasploit has a mssql capture module, called mssql. This module provides a fake MSSQL service that is designed to capture MSSQL server authentication credentials. The module supports both the weak encoded database logins as well as Windows logins (NTLM).   To select the capture module type: use auxiliary/server/capture/mssqluse auxiliary/server/capture/mssql   Options You can set CAINPWFILE …

Metasploit, Phishing

Let’s go Phishing

Phishing is an attempt to steal sensitive information by impersonating a well known organization or website. In the same manner you can trick a user to steal her MySQL credentials. One of the abilities of Metasploit is this, mimic known services and capture user credentials. Among the various capture modules there is a module called …