Offensive Phishing
- by Vince
-
in Blog
-
Hits: 1098
We run phishing campaigns for awareness training but we also use phishing as an attack vector. In some instances, if we phished credentials, we would call that a success and move on. In other cases, we would want to actually breach the environment through phishing. If we look at MITRE, we're going to see a lot of different techniques using attachments, Word and Excel are popular. I'm going to use an HTA file which can be constructed without the need for Microsoft Office.