Category: Social Engineering


Black Window 10 v2

  Black Window Enterprise 10 Codename : Polemos Black Window 10 Enterprise is the first windows based penetration testing distribution with Linux integrated ! The system comes activated with a digital license for Windows enterprise! It supports windows apps and Linux apps, GUI and terminal apps! It comes with a tone off hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus os within windows. Offers the stability of a windows system…

Hacking ToolNEW TOOLSPhisingScanSocial EngineeringSocial Engineering AttacksTrape

Trape v2.0 – People Tracker On The Internet: OSINT Analysis And Research Tool

Trape is a OSINT analysis and research tool, which allows people to track and execute intelligent social engineering attacks in real time. It was created with the aim of teaching the world how large Internet companies could obtain confidential information such as the status of sessions of their websites or services and control over their users through the browser, without them knowing, but It evolves with the aim of helping government organizations, companies and researchers to track the cybercriminals.At the beginning of the year…

Biometric authenticationCarbanakCybercrimeFinancial malwareKaspersky Security BulletinLazarusMobile MalwareSecurity FeedsSocial Engineeringsupply-chain attack

Cyberthreats to financial institutions 2019: overview and predictions

Kaspersky Security Bulletin: Threat Predictions for 2019 Cryptocurrency threat predictions for 2019 Introduction – key events in 2018 The past year has been extremely eventful in terms of the digital threats faced by financial institutions: cybercrime groups have used new infiltration techniques, and the geography of attacks has become more extensive. Despite this, let’s start the review with a positive trend: in 2018 police arrested a number of well-known cybercrime group members responsible for Carbanak/Cobalt and Fin7, among others. These groups have been involved…

FeaturedMalicious spamMalware DescriptionsNigerian SpamSecurity FeedsSocial EngineeringSpam and phishing reportsSpam StatisticsSpammer techniquesTematic Spam

Spam and phishing in Q3 2018

Quarterly highlights Personal data in spam We have often said that personal data is candy on a stick to fraudsters and must be kept safe (that is, not given out on dubious websites). It can be used to gain access to accounts and in targeted attacks and ransomware campaigns. In Q3, we registered a surge of fraudulent emails in spam traffic. This type of scam we have already reported at the beginning of the year. A ransom (in bitcoins) is demanded  in exchange for…

FeaturedSecurity FeedsSocial EngineeringSpam and phishingSpam LettersTematic Spam

Phishing for knowledge

When we talk about phishing, top of mind are fake banking sites, payment systems, as well as mail and other globally popular services. However, cybercriminals have their fingers in far more pies than that. Unobviously, perhaps, students and university faculties are also in the line of fire. The reason is the research they carry out and the potentially valuable results. Examples of phishing pages mimicking the login pages of the University of Washington, Harvard Business School, and Stanford University websites Over the past year,…

DistributedFireworkNEW TOOLSNTLMPenetration TestRDPRed TeamSocial EngineeringTLS

Firework – Leveraging Microsoft Workspaces in a Penetration Test

Firework is a proof of concept tool to interact with Microsoft Workplaces creating valid files required for the provisioning process. The tool also wraps some code from Responder to leverage its ability to capture NetNTLM hashes from a system that provisions a Workplace feed via it.This tool may be used as part of a penetration test or red team exercise to create a .wcx payload (and associated feed) that if clicked on could be used to:Phish for credentials - NetNTLM hashes will be sent…

FeaturedMalicious spamMalware DescriptionsNigerian SpamSecurity FeedsSocial EngineeringSpam and phishing reportsSpam StatisticsSpammer techniquesTematic Spam

Spam and phishing in Q2 2018

Quarterly highlights GDPR as a phishing opportunity In the first quarter, we discussed spam designed to exploit GDPR (General Data Protection Regulation), which came into effect on May 25, 2018. Back then spam traffic was limited to invitations to participate in workshops and other educational events and purchase software or databases. We predicted that fraudulent emails were soon to follow. And we found them in the second quarter. As required by the regulation, companies notified email recipients that they were switching to a new…

AircrackAircrack-ngBlackArchCaptive PortalEvil TwinFakeapFluxionKaliKali LinuxLINSETMITMNEW TOOLSrogueSocial EngineeringWPA

Fluxion – WPA/WPA2 Security Hacked Without Brute Force

Fluxion is a security auditing and social-engineering research tool. It is a remake of linset by vk496 with (hopefully) less bugs and more functionality. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering (phishing) attack. It's compatible with the latest release of Kali (rolling). Fluxion's attacks' setup is mostly manual, but experimental auto-mode handles some of the attacks' setup parameters. Read the FAQ before requesting issues.If you need quick help, fluxion is also avaible…

Dll HijackingFeaturedIndustrial threatsInternet BankingRAT TrojanRDPSecurity FeedsSocial EngineeringSpywareTargeted Attacks

Attacks on industrial enterprises using RMS and TeamViewer

Main facts Kaspersky Lab ICS CERT has identified a new wave of phishing emails with malicious attachments targeting primarily companies and organizations that are, in one way or another, associated with industrial production. The phishing emails are disguised as legitimate commercial offers and are sent mainly to industrial companies located in Russia. The content of each email reflects the activity of the organization under attack and the type of work performed by the employee to whom the email is sent. According to the data…

CamelishingNEW TOOLSSocial Engineering

Camelishing – Social Engineering Tool

CamelishingSocial Engineering ToolFeaturesBulk email sendingBasic Python Agent CreatorOffice Excel Macro CreatorDDE Excel Creator(or Custom Payload)Return İnformation[Mail Open Track][Agent Open Track]AutoSaveStatistics ReportUser ControlInstallation Modules$ pip install -r requirements.txt$ Install Microsoft OfficeTested and Supported[+]Windows 7[+]Windows 10+SCREENSHOTMail Sender[+]Note : Compress and send the exe file(rar,zip)[+] Start Project : python start.pyMacro CreatorAgent CreatorAgentDDE CreatorGeneral SettingMail SendOpen MailReturn InformationStatistic Reportand more...Contact| Coded Abdulaziz ALTUNTAŞ || Email: || Github: github/azizaltuntas || Twitter: @esccopyright |Download Camelishing