Skip to content

Instantly share code, notes, and snippets.

@karlpokus

karlpokus/phishing_test.md

Created September 9, 2016 07:20
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save karlpokus/c53a2e4d5fdf3d3f676706c57286d705 to your computer and use it in GitHub Desktop.
Save karlpokus/c53a2e4d5fdf3d3f676706c57286d705 to your computer and use it in GitHub Desktop.
Download ZIP
phishing test @Company - implementation details
Raw
phishing_test.md

Inspired by this -> https://insight.duo.com/

Simple usage

  1. get a list of e-mail addresses
  2. send e-mails with personal URL from hashed e-mail address
  3. log each requests (ts, url, user) on server

result

  • e-mail addresses of personel who clicked the link
  • % personel who clicked
  • avg time to click

v2.0

  • test who would give up their credentials in a company-looking-dialog
  • test browser version
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment