home.social

#gophish — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #gophish, aggregated by home.social.

  1. This time, with the huge escalation of #spam around the world, I bring you #gophish, an open-source framework that lets you create phishing campaigns to launch internally in your company, see the results, generate reports, and take the appropriate actions, such as staff training (#capacitación).

    Check it out at: luiszambrana.ar/campanas-de-ph
    If you like our posts, I'd appreciate it if you shared them!!

  2. 🎯 Threat Intelligence
    ======================

    🛠️ Tool

    Executive summary: A curated catalog of 100 n8n workflow ideas
    targeting Red Team, Blue Team (SOC/DFIR/TI), AppSec/DevSecOps and
    general platform security. Each entry maps a specific objective to
    integrations and a node-level flow outline suitable for direct
    implementation in n8n.

    Technical scope and components: The collection spans reconnaissance
    (subfinder, amass, DNSDB), active scanning (nmap, naabu, masscan),
    telemetry enrichment (Shodan, Censys, GeoIP, AbuseIPDB), offensive
    tooling orchestration (GoPhish, custom IdP for lab credential sprays),
    artifact lifecycle (S3/TimescaleDB/PostgreSQL), and C2/event
    forwarding (CS/Havoc/Sliver webhooks). Flows consistently use common
    n8n primitives: Cron/Webhook triggers, Exec/HTTP request nodes,
    IF/Switch logic, database upserts, and batching/merge nodes for scale.

    Implementation considerations: Several ideas assume controlled lab
    environments (credential spraying, EDR evasion tests, malicious macro
    builders). The patterns emphasize separation of concerns:
    scanning/extraction → enrichment → dedupe/persistence → alerting/issue
    creation. Integrations call for credential handling via secret stores
    and rate-limiting (delay/wait nodes) to avoid false positives and
    service throttling.

    Detection and defensive value: For Blue Team use-cases, flows include
    automated ingestion of C2 events, decoy link tracking with GeoIP and
    reputation scoring, exfiltration simulation to cloud storage for DLP
    tuning, and continuous attack-surface change detection that creates
    tickets for new/changed hosts or open ports. These provide repeatable
    pipelines for measurement and tuning of SOC detections.

    Operational risks and guardrails: Several recipes are explicitly
    offensive and must remain confined to testbeds. Logging and artifact
    management recommendations include hashing artifacts at ingest,
    storing evidence in immutable buckets, and tagging DB records with
    provenance to support IR workflows.

    Concluding assessment: This collection is a practical playbook for
    security teams seeking to automate repetitive reconnaissance, testing
    and monitoring tasks using n8n. It lowers implementation friction by
    providing ready-to-adapt node sequences and integration patterns.

    🔹 n8n #automation #subfinder #gophish #bookmark

    🔗 Source: github.com/CyberSecurityUP/n8n

  3. Life has felt a bit less hectic these last few months and I feel at peace with some things I won’t go into. With that, I’ve been able to restructure what I want to focus on with a more narrow scope without my mind feeling as chaotic.
    Some things I’m starting / want to start soon:
    Read the Psychology of Intelligence Analysis
    Revisit learning #Go mainly for HTTP utilities
    Learn #Evilginx and #GoPhish (apply Golang knowledge here) to get a deeper understanding of #phishing threats on both the offensive and defensive sides.
    Read more in general— this #cti paper was very insightful tandfonline.com/doi/full/10.10

    This still appears to be somewhat broadly scoped but it helps build a structure.

  4. Conducting phishing exercises using malicious links and HTML applications. Part 1

    Many threats can be countered with technical information security tools, both basic ones and system-level solutions. But no matter how much a security tool costs, and no matter how much a specialist knows about how the infrastructure is built, the main headache is still the human factor. First and foremost, that means phishing attacks, which target the user. Today's publication is part of a series of articles; it is devoted to methods and tools for conducting phishing exercises, and in the second part we will look at the practical implementation and recommendations for information security specialists. The article describes a test phishing attack on an organization's employees, which

    habr.com/ru/companies/serversp

    #фишинг #фишинговые_атаки #gophish #powershell #иб #mail #почтовый_сервер #тактики #сценарии