Resources for phishing

:fishing_pole_and_fish: PHISHING RESOURCES :fishing_pole_and_fish:

OSINT Links & Tools

Maltego

Recon-ng

Google dorks

https://www.exploit-db.com/google-hacking-database

PHP Code saving POST data:

Certificates
https://www.certificate-transparency.org/what-is-ct

https://transparencyreport.google.com/https/certificates

https://certstream.calidog.io

Domains

Name Generation

Scoring / Ranking
https://www.alexa.com/siteinfo

WHOIS privacy / history

Ageing
https://www.expireddomains.net/

Web Archive
https://web.archive.org

Categorization
BlueCoat: Symantec Sitereview

Cisco: http://www.senderbase.org/home

McAfee: McAfee Threat Center – Latest Cyberthreats | McAfee

Trend Micro: https://global.sitesafety.trendmicro.com

Websense: http://csi.websense.com

Zscaler: http://zulu.zscaler.com

SE Tools

Evilginx (MITM Phishing Framework)

SET

BeEF

GoPhish

KingPhisher

https://king-phisher.readthedocs.io/en/latest/

Macro
VBA

Accessing Clipboard

Didier’s resources:

Obfuscation

EvilClippy (Obfuscation)

Unicorn (Macro generation and more)

Macros from remote templates

Metadata
https://exiftool.org/

Red Teamer Testing Tools
Wireshark: https://www.wireshark.org

Charles Proxy: https://www.charlesproxy.com

Burp: Burp Suite - Application Security Testing Software - PortSwigger

Malware samples
https://www.virustotal.com/
https://www.hybrid-analysis.com/file-collections
Free Malware Sample Sources for Researchers (list)

Defender/Analyst tools

http://www.decalage.info/python/oletools

CyberChef (encoder/decoder)

https://code.visualstudio.com/ (Free IDE released by Microsoft)

VBA Formatter (VBA Code Indenter)

GitHub - MalwareCantFly/Vba2Graph: Vba2Graph - Generate call graphs from VBA code, for easier analysis of malicious documents. (VBA2Graph)

GitHub - decalage2/ViperMonkey: A VBA parser and emulation engine to analyze malicious macros. (VBA Emulation engine written in python)

ASR (Attack Surface Reduction) Rules

2 Likes