casting with the pros
play

Casting with the Pros Tips and Tricks for Effective Phishing Nathan - PowerPoint PPT Presentation

Sep 04, 2022 •115 likes •456 views

Casting with the Pros Tips and Tricks for Effective Phishing Nathan Sweaney @sweaney nathan@secureideas.com Nathan Sweaney Security Consultant with Secure Ideas BSidesOK Organizer ISSA Oklahoma OWASP Tulsa @sweaney

  1. Casting with the Pros Tips and Tricks for Effective Phishing Nathan Sweaney @sweaney nathan@secureideas.com

  2. Nathan Sweaney • Security Consultant with Secure Ideas • BSidesOK Organizer • ISSA Oklahoma • OWASP Tulsa • @sweaney • nathan@secureideas.com secureideas.com

  3. Agenda Campaign Design Targeting Infrastructure Setup Bypassing Defenses secureideas.com

  4. Why Phish? • Meatware is vulnerable • Recent Breaches • User Awareness Training • Executive Impact secureideas.com

  5. Latest & Greatest Executable Payloads secureideas.com

  6. Campaign Design secureideas.com

  7. Campaign Design > Assessment Goals • What’s the org hoping to get? • Goal-oriented tests vs Awareness training • Consider white-box/grey-box testing • Levels of Simulation secureideas.com

  8. Campaign Design > Desired Outcome • Click links to a malicious site • Download & execute a file • Remote access • Provide credentials • XSS • Establish rapport secureideas.com

  9. Campaign Design > Ruse Considerations • Use current events – Especially emotionally-charged events – But be careful • Holidays • Target-specific situations • Existing technologies secureideas.com

  10. Campaign Design > Domain Name Selection • Start with Recon – Learn what the target is used to seeing 3 rd Party services? (HR, Payroll, Training, etc) – • Familiar/Similar Domains – companymail.com – mail.company.mailserver.com • Generic Domains – mail-sender.com – eventcoordinator.com • Punycode – portal.xn--securideas-f7a.com – portal.securéideas.com – www.xn--securedeas-2ub.com – www.secureıdeas.com secureideas.com

  11. Campaign Design > Use Psychology • Humans are easily controllable – Urgency – Emotion – Familiarity – Eagerness to help/serve • Critical Faculty – Spell check – Mimic email signatures – Realistic & similar domains – Context-appropriate language – Existing conversations • Be Evil secureideas.com

  12. But not TOO evil secureideas.com

  13. Examples secureideas.com

  14. secureideas.com

  15. secureideas.com

  16. secureideas.com

  17. secureideas.com

  18. Targeting secureideas.com

  19. Targeting > Number of Victims • One/Several/Everyone? • Remember the goal • Response Time • Prairie dog issue secureideas.com

  20. Targeting > Victim Type • Particularly vulnerable – Legal – HR – Accounting – Sales • Particularly privileged – Sys Admins/Network Admins – Executives – Helpdesk secureideas.com

  21. Targeting > Finding Victims • Social Media – LinkedIn • Lead Generation sites – site:zoominfo.com “domainname.com" – Bizshark – Pipl – Clearbit – RIP data.com • Tools – Recon-ng – theHarvester – datasploit secureideas.com

  22. Targeting > Finding More Victims • The company’s website – Blog – Metadata • 3 rd Party tools – Github • Data breach dumps • AD • Phishing/Vishing secureideas.com

  23. Infrastructure secureideas.com

  24. Infrastructure > SMTP Server • Your laptop • Hosted – AWS/Azure/etc (cloud-based) – Gmail/Office365 – MailChimp, SendGrid, etc – Target’s mail servers (open relays) • Considerations – Server age – Domain age – IP Reputations secureideas.com

  25. Infrastructure > Technology • Sendmail • Toolkits – GoPhish – Modlishka – Evilginx2 – Phishing Frenzy – King Phisher – Social Engineering Toolkit • LetsEncrypt • PhishMe, KnowBe4, etc secureideas.com

  26. Infrastructure > Alternatives to Email • SMS • Facebook/Twitter/LinkedIn • What’s App • Slack • NextDoor • Think outside the box – Suspicion is context-sensitive secureideas.com

  27. Bypassing Defenses secureideas.com

  28. Bypassing Defenses > Anti-malware • AV – https://github.com/Veil-Framework/Veil – Online Scanners • VirusTotal • MetaScan (https://metadefender.opswat.com) • VirSCAN (http://www.virscan.org) • NoDistribute (https://nodistribute.com) • Hybrid Analysis (https://www.hybrid-analysis.com) • Watch out for automated sandbox analysis • EDR Tools – Good luck – Keep it simple secureideas.com

  29. Bypassing Defenses > Content Filtering • Content Filtering Submission Forms Symantec/Bluecoat https://sitereview.bluecoat.com/#/ – WatchGuard/ForcePoint/Websense – http://mtas.surfcontrol.com/mtas/WatchGuardTest-a-Site.php Cisco Umbrella/OpenDNS – https://community.opendns.com/domaintagging/submit/ Cisco/Talos – https://talosintelligence.com/reputation_center/support Palo Alto https://urlfiltering.paloaltonetworks.com/query/ – Barracuda http://www.barracudacentral.org/report – McAfee https://trustedsource.org – • Recently Expired Domains https://www.expireddomains.net – https://freshdrop.com – secureideas.com

  30. Bypassing Defenses > Anti-Spam • SPF, DKIM, & DMARC • Consider sending via Gmail or O365 • Check Blacklists – https://www.talosintelligence.com/reputation_center • Online Spam Checks – Google’s Postmaster Tools https://postmaster.google.com – SenderScore https://www.senderscore.org – Mail Tester https://www.mail-tester.com • Discuss with the client secureideas.com

  31. Bypassing Defenses > Landing Pages • Duplicate real sites vs Build your own • Unique user identifiers • Source IP restrictions – Automated sandbox analysis • Time restrictions • JavaScript obfuscation • Subdomains vs directories secureideas.com

  32. Bypassing Defenses > Payloads • Constant battle – No more shikata-ga-nai • Use hosted known sites • Test, Burn, & repeat • “Encrypted” Excel file secureideas.com

  33. Final Thoughts • Remember the goal • Use back channels with clients • Keep it simple • Make it familiar • Don’t be TOO evil secureideas.com

  34. Questions? Nathan Sweaney @sweaney nathan@secureideas.com

Recommend

Casting Simulation Technology Julian Gnz Application Specialist Casting, CD-adapco Casting

Casting Simulation Technology Julian Gnz Application Specialist Casting, CD-adapco Casting

Casting Simulation Technology Julian Gnz Application Specialist Casting, CD-adapco Casting materials Market Overview [Mio tons] Grey Iron 13,6 38,16 9 Ductile Iron Steel 19,4 Non Ferrous alloys From Modern Casting 2010 world

377 views • 15 slides
Casting Simulations with STAR-Cast Julian Gnz, CD-adapco Need for Casting Simulation

Casting Simulations with STAR-Cast Julian Gnz, CD-adapco Need for Casting Simulation

Casting Simulations with STAR-Cast Julian Gnz, CD-adapco Need for Casting Simulation Processes Market Overview [Mio tons] Permanent Mold Tilt Casting 13,6 38,16 Grey Iron 9 Low Pressure-Casting Ductile Iron High

301 views • 27 slides
SLIP-CASTING a ceramic forming technique WHAT IS SLIP-CASTING?

SLIP-CASTING a ceramic forming technique WHAT IS SLIP-CASTING?

SLIP-CASTING a ceramic forming technique WHAT IS SLIP-CASTING? http://www.sightunseen.com/2012/06/josh-bitellis-forfars-bakery-and-roadworkers-projects/ http://www.joshbitelli.co.uk/ Slip-casting is a technique for small-scale production runs,

382 views • 12 slides
CSE 333 Section 6 HW3 Overview, Casting 1 Section Plan Casting HW 3 Overview 3

CSE 333 Section 6 HW3 Overview, Casting 1 Section Plan Casting HW 3 Overview 3

CSE 333 Section 6 HW3 Overview, Casting 1 Section Plan Casting HW 3 Overview 3 Casting! 4 Casting in C++ Four different casts that are more explicit: 1. static_cast<to_type>(expression) 2.

919 views • 33 slides
Macro Scale Casting Simulation with STAR-Cast J.Gnz CD-adapco Casting Systems Product

Macro Scale Casting Simulation with STAR-Cast J.Gnz CD-adapco Casting Systems Product

Macro Scale Casting Simulation with STAR-Cast J.Gnz CD-adapco Casting Systems Product requirements increase: Less weight Higher efficiency Time to market decreases Casting processes must be adopted Simulation to

318 views • 21 slides
lecture 18 Recall Ray Casting (lectures 7, 8) Ray tracing is like ray casting, but now mirror

lecture 18 Recall Ray Casting (lectures 7, 8) Ray tracing is like ray casting, but now mirror

lecture 18 Recall Ray Casting (lectures 7, 8) Ray tracing is like ray casting, but now mirror reflections are allowed. - ray tracing for each pixel (x,y) { - environment mapping cast a ray through that pixel into the scene, and find the

380 views • 6 slides
Evolution of the Aluminium High Pressure Die Casting in India CONTENTS INDIA - A VIBRANT ECONOMY

Evolution of the Aluminium High Pressure Die Casting in India CONTENTS INDIA - A VIBRANT ECONOMY

Evolution of the Aluminium High Pressure Die Casting in India CONTENTS INDIA - A VIBRANT ECONOMY HISTORY OF INDIAN DIE CASTING INDUSTRY PRESENT STATUS OF INDIAN DIE CASTING INDUSTRY AUTOMOTIVE - THE LARGEST CUSTOMER OF DIE CASTING IN INDIA

701 views • 33 slides
Casting Process in which molten metal flows by gravity or other force into a mold or die

Casting Process in which molten metal flows by gravity or other force into a mold or die

Casting Process in which molten metal flows by gravity or other force into a mold or die where it solidifies in the shape of the mold cavity. The term casting also applies to the part made in the process. 1 Steps of Casting Process

1.22k views • 69 slides
via STAR-Cast Santhanu Jana, Access e.V., Aachen Talk overview Centrifugal casting

via STAR-Cast Santhanu Jana, Access e.V., Aachen Talk overview Centrifugal casting

Simulation of Centrifugal Casting via STAR-Cast Santhanu Jana, Access e.V., Aachen Talk overview Centrifugal casting STAR-Casts modelling basis Motivation for centrifugal investment casting Centrifugal investment casting of

590 views • 31 slides
Join Indias First Indigenous Investment Casting foundry exclusively for Aerospace, Defence

Join Indias First Indigenous Investment Casting foundry exclusively for Aerospace, Defence

Join Indias First Indigenous Investment Casting foundry exclusively for Aerospace, Defence & M edical application Aerospace Defense Medical A World Class Investment Casting Foundry AS9100D & Nadcap Certified Investment Casting

416 views • 40 slides
Purchasing Card Solution in SAP Option 1: SAP EBP Pros Pros Cons Cons Allows de-central

Purchasing Card Solution in SAP Option 1: SAP EBP Pros Pros Cons Cons Allows de-central

Purchasing Card Solution in SAP Option 1: SAP EBP Pros Pros Cons Cons Allows de-central users who dont have Requires a requisition, PO or shopping cart access to SAP to do their own expense to be define prior to bank file

258 views • 4 slides
1 Volume Graphics - Pros Volume Graphics - Cons Advantages: Disadvantages: Required

1 Volume Graphics - Pros Volume Graphics - Cons Advantages: Disadvantages: Required

Overview Volume Rendering Surface graphics is not enough for ... Introduction to volume graphics Volume rendering techniques Lecture 21 Contour surfaces Ray Casting Cell Projection Slides gathered from Roger Crawfis ,

670 views • 12 slides
Join Indias First Indigenous Investment Casting foundry exclusively for Aerospace, Defence

Join Indias First Indigenous Investment Casting foundry exclusively for Aerospace, Defence

Join Indias First Indigenous Investment Casting foundry exclusively for Aerospace, Defence & Medical application Aerospace Defense Medical A World Class Investment Casting Foundry AS9100 Certified Investment Casting Foundry History

482 views • 34 slides
Computational Geometry Lecture 5: Casting a polyhedron Computational Geometry Lecture 5: Casting

Computational Geometry Lecture 5: Casting a polyhedron Computational Geometry Lecture 5: Casting

Casting a polyhedron Computational Geometry Lecture 5: Casting a polyhedron Computational Geometry Lecture 5: Casting a polyhedron CAD/CAM systems CAD/CAM systems allow you to design objects and test how they can be constructed Many objects

802 views • 62 slides
PASSWORD SOFTWARE AU PC Mtg Nov. 19 DASHLANE Pros & Cons o Self-learn support

PASSWORD SOFTWARE AU PC Mtg Nov. 19 DASHLANE Pros & Cons o Self-learn support

PASSWORD SOFTWARE AU PC Mtg Nov. 19 DASHLANE Pros & Cons o Self-learn support links o Dashlane Threat Center LASTPASS ROBOFORM DASHLANE PROs & CONs PROs PC Based software app Privacy and

241 views • 7 slides
www.alicongroup.co.in Casting The Future TS 16949 | ISO 9001 | ISO 14001 | OHSAS 18001 certified.

www.alicongroup.co.in Casting The Future TS 16949 | ISO 9001 | ISO 14001 | OHSAS 18001 certified.

www.alicongroup.co.in Casting The Future TS 16949 | ISO 9001 | ISO 14001 | OHSAS 18001 certified. Alicon Executive Summary 2018 Together We Make It Happen www.alicongroup.co.in 2 Casting The Future Guiding Philosophy Alicon North Star

572 views • 45 slides
Ray Casting Based on slides of Thomas Funkhouser 3D Rendering The color of each pixel on

Ray Casting Based on slides of Thomas Funkhouser 3D Rendering The color of each pixel on

Ray Casting Based on slides of Thomas Funkhouser 3D Rendering The color of each pixel on the view plane depends on the radiance emanating from visible surfaces Rays through view plane Simplest method is ray casting View plane Eye

390 views • 16 slides
PROBLEM Automation by A.I. 47% of jobs vulnerable (by OM research study) AI-Pros &

PROBLEM Automation by A.I. 47% of jobs vulnerable (by OM research study) AI-Pros &

AI-P ROS AI-Z ION AI-Pros Private & Confidential November 2017 PROBLEM Automation by A.I. 47% of jobs vulnerable (by OM research study) AI-Pros & AI-Prop

852 views • 15 slides
KIRKLAND PROS PLAN Adopted Policies Capital Recommendations Park Classifications

KIRKLAND PROS PLAN Adopted Policies Capital Recommendations Park Classifications

KIRKLAND PROS PLAN Adopted Policies Capital Recommendations Park Classifications Levels of Service KIRKLAND PROS PLAN POLICY: Acquire parks, recreation, and open space facilities in those areas of the City facing population

480 views • 34 slides
A Model of the Feds View on Inflation Thomas Hasenzagl 1 , Filippo Pellegrino 2 , Lucrezia

A Model of the Feds View on Inflation Thomas Hasenzagl 1 , Filippo Pellegrino 2 , Lucrezia

A Model of the Feds View on Inflation Thomas Hasenzagl 1 , Filippo Pellegrino 2 , Lucrezia Reichlin 3 , and Giovanni Ricco 4 1 Now-Casting Economics 2 London School of Economics, and Now-Casting Economics 3 London Business School, Now-Casting

359 views • 16 slides
Manufacturing Simulation for the Casting Industry with STAR-Cast Agenda Manufacturing

Manufacturing Simulation for the Casting Industry with STAR-Cast Agenda Manufacturing

Manufacturing Simulation for the Casting Industry with STAR-Cast Agenda Manufacturing Simulation Casting STAR-Cast Application coverage Outlook Simulation for Manufacturing Simulation widely used for E-Coating

820 views • 24 slides
Assimilative Modeling of Ionospheric Dynamics for Now-casting of HF Propagation Channels in the

Assimilative Modeling of Ionospheric Dynamics for Now-casting of HF Propagation Channels in the

Assimilative Modeling of Ionospheric Dynamics for Now-casting of HF Propagation Channels in the Presence of TIDs Dr. L. J. Nickisch, Dr. Sergey Fridman, Dr. Mark Hausman, Dr. Shawn Kraut NorthWest Research Associates, Monterey, California Dr.

151 views • 11 slides
Ray Tracing Ray Tracing Ray Casting Ray Casting Ray-Surface Intersections Ray-Surface

Ray Tracing Ray Tracing Ray Casting Ray Casting Ray-Surface Intersections Ray-Surface

Ray Tracing Ray Tracing Ray Casting Ray Casting Ray-Surface Intersections Ray-Surface Intersections Barycentric Coordinates Barycentric Coordinates Reflection and Transmission Reflection and Transmission [Shirley, Ch.9] [Shirley, Ch.9]

785 views • 21 slides
Ray Tracing Ray Tracing Ray Casting Ray Casting Ray-Surface Intersections Ray-Surface

Ray Tracing Ray Tracing Ray Casting Ray Casting Ray-Surface Intersections Ray-Surface

Ray Tracing Ray Tracing Ray Casting Ray Casting Ray-Surface Intersections Ray-Surface Intersections Barycentric Coordinates Barycentric Coordinates Reflection and Transmission Reflection and Transmission [Angel, Ch 13.2-13.3] [Angel, Ch

570 views • 20 slides

More recommend