Wrap up

THIS IS A ROUGH OUTLINE OF WHAT NEEDS TO BE FINISHED

What needs to change for live assessments

Now we have a decent understanding of our current capabilities. How can we successfully execute this for reals?

We need the following:

  • A domain to send emails from.
  • A domain to host malicious content. Could be the same, but it’s nice have them separate in case one is burned.
  • TLS Certs.
  • A target and their permission.

Domains

We like to use Amazon’s Route53 for a number of reasons:

  • It is pretty simple to acquire domains.
  • Supports automation via APIs.
  • Tooling support.

Gophish: Sending Emails FRD

Now we want to send real emails. We have quite a few options to do this. Our typical workflow is to use Amazon SES, but there are other options. Any service that supports SMTP should work.

  • SES
  • Gmail
  • Shared hosting (godaddy)
  • Manually setting up postfix

It should be as simple as the MailHog setup, but using the required credentials…


Traefik TLS

Traefik can generate all the certs you need, it just needs an API key to manage DNS records on your domains.


Where to from here?

  • Automate VM Build.
  • Automate infrastructure deployment.
Last modified August 28, 2024: spellz and grammar (1733997)