Phishing Guides for Pentesters?

From a purely white hat perspective, please. Are there any good guides about how to perform a phishing campaign against a target? What is the best way to learn about this?

I’m particularly interested in spearphishing and whaling. Both the technical aspects (bypassing spam filters, etc) and psychological (getting targets to click the links).



Well, I would recommend checking out “Social Engineering: The Art of Human Hacking”. Bypassing spam filters, AV and the like is a completely different category; you might want to research malware development or check out MITRE so you can get familiar with what APTs use to achieve that goal. That would be the technical aspect. The psychological side will take some practice; you should be a people person for this. A great example I can give you is an APT that used the situation of COVID-19 and the COVID-19 vaccines to get people to click on their links. Look at the news: what is trending, how can you get people’s attention? Is it a celebrity? A situation? An event? That’s where you will need to understand OSINT to gather as much information as needed from your target. Hope this has helped.


From today:

New link: PancakesCon 2 - Mishaal Khan - Phishing with Caricatures by Mishaal Khan - YouTube


Can I get access to this video?

I have attached the new link to the original comment.

Thank you, this is very educative.

Cool video, thanks for the link.

Thank you for sharing the links with us. This is very helpful!

I recommend a book by Christopher Hadnagy, Social Engineering: The Science of Human Hacking.

It really puts you in the mindset of a hacker and gives tons of practical examples.

What may seem too easy, but is actually a very good way to start an attack, is simply visiting a target’s website. You would be surprised how, still in 2021, many companies list executive staff information on their company site. You could potentially find the names, numbers/extensions, and, if you are super lucky, the email addresses of the CEO, CFO, etc.

I’m currently developing a red on blue team testing grounds for my coworkers. The virtualized setup uses GoPhish, Mythic, Kali, Apache, VyOS, Debian BIND9 and pfSense. I’ll update you when I’m completely done with it.

The main idea behind the lab is focused on phishing but there are other acceptable uses as well.

The main challenge for me is getting through spam filters. If I could get into inboxes, everything else would be a breeze.


"Return to Sender: Bypassing Email Spam & Malware Filters" - Sebastian Salla - YouTube


You could use Gmail forwarders, but that almost defeats the purpose. I read once that most spam filters represent a sender by a trustworthiness value. In the same light as Gmail, we can use the same concept, called domain fronting, with highly trusted companies like Amazon / Microsoft, who lend you their domains. Here’s an example
