PHaaS - Phishing as a Service

DerbyCon V - Unity

Presented by: Raymond Gabler
Date: Sunday September 27, 2015
Time: 09:00 - 09:50
Location: Track 4
Track: The 3-Way

Ever since the first version of SET (have to give Dave props since it is “his” conference) the open source community has embraced the need for phishing tools. Tools like: Phishing- Frenzy, Ice-hole, Phemail, Spf, SET, etc. are good and serve their purpose but are they the best bang for the buck? We will compare open source technologies to PHaaS technologies and make the case that for large (500+ emails - easy for a corporation to hit) PHaaS is the best option. Time permitting we will demonstrate how to use PHaaS to do the broad scan and opensource tools to do the exploitation. Note I do not have any ties with the vendor/solutions discussed in this talk, I am simply a user that likes the tools and the value add they bring to a phishing engagement.

Raymond Gabler


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats