This presentation will quickly explore some of the common phishing attack tools and techniques. Additionally, there will be a demo of a new tool, which can assist penetration testers in quickly deploying phishing exercises in minimal time. The tool can automatically search for potential targets, deploy multiple phishing websites, craft/send phishing emails, record the results, generate a basic report, among other bells and whistles.
Adam Compton currently works as a penetration tester and has over 20 years of infosec experience, 15 years as a penetration tester. He has worked in both the government and private sectors for a variety of customers ranging from domestic and international governments, multinational corporations, and smaller local business.
Eric Gershman is currently working on the security team for a group that manages large systems that enable researchers to do “Big Science”. Prior to working in security Eric pursued a bachelors degree in Information Technology at the University of Central Florida. During his time at UCF, he worked as a technician on a large help desk, research intern for an Anti-Virus company and finally as a Linux Systems Administration for several Department of Defense projects.