Lab Environment: Rules of Engagement
This is for onsite training. Skip this section if not taking training.
Saintcon Phishing has been tasked to perform a penetration test against SnakShare’s information systems and employees. SnakShare recently implemented new email security protections.
Scope
- snakshare.com and any subdomains
- mail.snakshare.com
- auth.snakshare.com
Rules of Engagement
- Target email addresses will NOT be supplied.
Test Plan
Effektive Ops will conduct the following.
- Perform OSINT against SnakShare.
- Compile a list of potential SnakShare employees and email addresses.
- Peform a phishing engagement against discovered employees.
- Harvest credentials.
- Deploy C2 agent on to victim machines.