It is no secret that one of the major attack vectors is phishing. While some of the success of this is due to a lack of user education and awareness, the other side of the coin are missing basic controls. There is no shortage of enterprise level ... READ MORE
Main Content
From the War Room Blog
King Phisher Release 1.12
King Phisher version 1.12 is finally here. One improvement that we are most excited about is King Phisher now utilizes Pipenv to manage it's dependencies. This will greatly improve the stability of the platform moving forward as there won't be any ... READ MORE
King Phisher Release 1.10
Today we're proud to announce the next release of King Phisher, version 1.10. This release saw extensive changes under the hood to improve the long term experience. One of the notable changes that users will directly benefit from are multiple tweaks ... READ MORE
Fire and Forget: Meterpreter Automation
Throughout the past year I have been conducting routine phishing assessments for a client. For their final test of the year, our point of contact wanted something consequential for those who fell for this phish... Something 'kinetic' if you will. ... READ MORE
CSRF on Anonymous Forms
Using CSRF on Anonymous Forms This article will focus on linking CSRF vulnerabilities with phishing attacks to extend the lifetime of your captured credentials. Cross Site Request Forgery (CSRF) vulnerabilities on anonymous forms are often ignored ... READ MORE
Termineter 1.0
Termineter Version 1: Come With Me If You Want To Pwn... Almost six years after its initial release, RSM has published version 1.0 (and shortly thereafter a couple of bug fixes) of its Open Source Smart Meter Penetration Testing Framework dubbed ... READ MORE