Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Hands-On Phishing
1.0 Welcome to the Course
1.1 Welcome & Course Overview (3:30)
1.2 About Your Instructor (3:08)
1.3 Prerequisites for the Course (3:32)
1.4 Work With Me
1.5 Support for the Course
2.0 Configuring the Lab Environment
2.1 Creating an Account on Digital Ocean (3:58)
2.2 Setting Up Billing & Billing Alerts (3:26)
2.3 Creating an Ubuntu Droplet (7:50)
2.4 Setting up Firewall Rules (5:00)
2.5 Understanding Digital Ocean Pricing
3.0 Preparing for a Successful Phishing Trip
3.1 Analysis of Bad Phishing Emails (Avoid This!) (8:20)
3.2 Performing Basic OSINT on the Target (7:32)
3.3 [Challenge Lab] Compile a List of Users and Emails
3.4 [Walkthrough] Compile a List of Users and Emails (6:11)
3.5 [Challenge Lab] Identifying a Login Page to Clone
3.6 [Walkthrough] Identifying a Login Page to Clone (3:17)
3.7 [Challenge Lab] Identify The "Secret" User (1:24)
3.8 [Walkthrough] Identify The "Secret" User (2:45)
3.9 Strategies for Selecting a Domain (6:21)
3.10 Purchasing a Domain with Namecheap (4:20)
3.11 Configuring GSuite with the Domain (9:27)
3.12 Section Quiz
4.0 GoPhish Setup and Initial Configuration
4.1 Overview of GoPhish (2:58)
4.2 Installing GoPhish on Ubuntu (8:42)
4.3 Setting up Certs and Launching GoPhish (6:58)
4.4 Configuring DNS for the Domain (1:47)
4.4 [Challenge] Automate With a Script (3:50)
4.5 Section Quiz
5.0 Launching a Phishing Campaign with GoPhish
5.1 Setting up Email Templates (6:05)
5.2 [Challenge] - Create a Phishing Email
5.3 [Walkthrough] - Create a Phishing Email (5:42)
5.4 Configuring the Landing Page (3:44)
5.5 Adding Target Users (4:29)
5.6 Creating the Sending Profile (11:22)
5.7 [Challenge] - Launch Your First Campaign
5.8 [Walkthrough] Launch Your First Campaign (10:54)
5.9 Section Quiz
6.0 Phishing with Evilginx
6.1 Overview of Evilginx (3:45)
6.2 Installing and Configuring Evilginx (5:56)
6.3 [Challenge] Automate With a Script
6.4 Brief Overview of Phishlets (5:27)
6.5 Configuring Your First Phishlet (10:50)
6.6 [Challenge] Create a Custom Phishlet for Self-Hosted Wordpress
6.7 [Walkthrough] Create a Custom Phishlet for Self-Hosted Wordpress (5:11)
6.8 [Challenge] Re-Using Stolen Session Cookie
6.9 [Walkthrough] Re-Using Stolen Session Cookies (4:46)
6.10 Section Quiz
6.11 Destroy Your Digital Ocean Droplet
6.12 Cancel your Google Workspace Account
7.0 Bypassing Common Defenses
7.1 Difference Between a Penetration Test and Red Team Engagement (3:40)
7.2 Leverage Known Services (6:42)
7.3 List of Known Services Useful for Phishing
7.4 Build Infrastructure Trust (7:59)
7.5 Email Evasion Checklist
7.6 Section Quiz
8.0 Combining Pretext Calling with Phishing
8.1 - Legal Warning (Do Not Skip!)
8.2 Overview of Pretext Calling (2:39)
8.3 Creating an Effective Pretext (9:16)
8.4 Setting up SpoofCard (1:59)
8.5 Setting up Google Voice (3:28)
8.6 [Challenge] Call Yourself with a Spoofed Number
8.7 [Walkthrough] Call Yourself With a Spoofed Number (4:14)
8.8 Note on Legality of Recording Calls (2:11)
8.9 Section Quiz
9.0 Course Conclusion
9.1 Practical Projects (5:37)
9.2 Next Steps for your Career (4:24)
9.3 Tell Us What You Think!
10.0 Student Project Showcase
10.1 Student Project Showcase
10.2 Automatic GoPhish Deployment
10.3 OSINT Recon Tool
6.8 [Challenge] Re-Using Stolen Session Cookie
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock