A while ago I was working on an assessment where I was exposed to General Packet Radio Service (GPRS) servers. Having not been familiar with this particular technology, I started to read about the details of the protocol and it's implementation. One ... READ MORE
Main Content
From the War Room Blog
King Phisher Release v1.13
With the version 1.13 release, we have added several goodies. First is a long requested feature! The ability to store MFA tokens submitted from a login page. Now you can grab username, password, and the MFA field . If you are using this feature as ... READ MORE
Email Controls: Implementing DKIM with Postfix
Previously on the War Room, we discussed some basic mail control implementations. Specifically, we looked at simple text records that can be posted to determine what is allowed to send on behalf on the domain. SPF records and DMARC records, when ... READ MORE
Spam Filter Evasion With King Phisher
It's no secret that phishing is the top attack vector when it comes to external compromise. So when it comes to penetration testing this is a vector that we can not ignore. However, as consultants, we are interacting with different clients and ... READ MORE
The Basics: SPF and DMARC Records
It is no secret that one of the major attack vectors is phishing. While some of the success of this is due to a lack of user education and awareness, the other side of the coin are missing basic controls. There is no shortage of enterprise level ... READ MORE
King Phisher Release 1.12
King Phisher version 1.12 is finally here. One improvement that we are most excited about is King Phisher now utilizes Pipenv to manage it's dependencies. This will greatly improve the stability of the platform moving forward as there won't be any ... READ MORE