This post is a quick step by step guide how to create a basic Phishing Campaign hosted from Wombat ThreatSim platform.
Log into Wombat Security Education Platform and Click ThreatSim -> Phishing Campaigns
Wombat ThreatSim® Phishing Simulations are an excellent addition to any security awareness training program, particularly those focused on fighting phishing attacks. Wombat ThreatSim Phishing Simulations serivce has SaaS-based interface which makes it easy to deliver simulated phishing emails and customizable Teachable Moments, which display targeted "just-in-time teaching" messages to individuals who fall for a phishing test.ThreatSim’s customizable email templates address three key testing factors: attachments, embedded links, and requests for personal data. Based on Wombat site, no one else in the industry can offer multiple templates in one campaign, random scheduling of emails to spread out delivery, along with Auto-Enrollment into targeted training if an employee falls for an attack.
This post is a quick step by step guide how to create a basic Phishing Campaign hosted from Wombat ThreatSim platform. Log into Wombat Security Education Platform and Click ThreatSim -> Phishing Campaigns
0 Comments
1. Ubuntu16.04 Installation
1.1 VMware Workstation Virtual Machine Creation for not easy installation
If you are using VMware workstation , by default, system will do easy installation for you, which means all settings will be automatically entered by VMware Workstation. You wont need to provide too much or any information during installation process. We are not going to use this method in this post. We just choose the option "I will install the operating system later" to skip easy installation.
Easy Install vs Non Easy Install
For many IT workers remotely involved with networking, it is quite common to need to expose your Intranet application to the outside world in a secured manner. Unfortunately, we work most of the time from private IP networks, be that at the workplace, at home or at the coffee shop. The router(s) or firewall (s) that stands between our workstation and the internet makes it harder to expose a local socket to the outside. Most of the time, this is preferable for security.
A couple of solutions you can choose now: 1. Change your router / firewall configuration to do port forwarding or NAT from public to your application. But in many cases, you wont be able to make that changes or you even do not have that options. 2. Tunneling services : either self hosting or cloud services such as:
Ngrok Setup & Installation 1. Download ngrok ngrok is easy to install. Download a single binary with zero run-time dependencies. There are following versions available to download : Winodws, Mac OS X Linux Mac (32-bit) Windows (32-bit)Linux (ARM) Linux (32-bit) FreeBSD (64-Bit)FreeBSD (32-bit)
ArcSight Logger is one of products from Micro Focus SIEM platform. It streams real-time data and categorizes them into specific logs and easily integrates with Security Operations. As a result, organizations of any size can use this high performance log data repository to aid in faster forensic analysis of IT operations, application development, and cyber security issues, and to simultaneously address multiple regulations.
According to wikipedia Iperf "is a commonly used network testing tool that can create TCP and UDP data streams and measure the throughput of a network that is carrying them. Iperf is a modern tool for network performance measurement written in C++."
This tool has to configure server side and client side to complete a test. It can test from client side to server side , also can test from both direction. 1. Download iperf 3The main download site is from https://iperf.fr/iperf-download.php.2. Start it as serverRunning command 'iperf -s' from command line as iperf server (ip address 100.99.136.66).C:\Tools>iperf -s
|
|