Every hacker I know is always looking for ways to practice and improve their skills. One of the things I feel that is in short supply, is access to realistic networks to actually break into. Even here on this blog, we have a lot of posts about systems you can create to subsequently hack. In the real world, though, you will need more skills than running (or even creating an ... READ MORE
Development
Becoming a Master Template Creator with Jinja2: Introduction
In my previous line of work, I made a living as a web developer. My time was spent building websites in content management systems, customizing the front end for clients and ensuring the back-end was usable and worked as intended. Today, I mostly tap my front-end developer experiences for building websites for use in social engineering campaigns. As we don't use content ... READ MORE
King Phisher 1.1 Released
King Phisher version 1.1 has been released today with numerous improvements since the last release in October. One of the most exciting new features is the ability to send phishing emails in the form of calendar invites. This causes an email to be sent to the target that looks like a typical meeting request. More information on using the new calendar invite mode (including an ... READ MORE
Github Primer: Collaborating with Git
This post serves as a simple walk-through of how to contribute to a repository or collaborate on a project with others using github.com. The content is broken down into three sections: (1) How to create your own fork of the repository that you wish to contribute to. (2) How to sync your branch with a branch from your upstream repository (the upstream repository is the ... READ MORE
5 Tips For Pentesters Switching To Python 3
Python has been a popular language among penetration testers from some time now and is used extensively here at RSM. Python version 3 has been out since December 2008 and yet many scripts currently being produced by the security community exclusively target version 2.7. Given that Python 2.7 is in maintenance mode only at this point, it's important for people to have the tools ... READ MORE
King Phisher 1.0 Released
Since it's inception almost two years ago King Phisher has changed the way we at RSM provide email based social engineering services to our clients. We have integrated it into our external penetration testing methodology as well as relied on it for dedicated social engineering assessments. At the time, other phishing projects did not have the flexibility to meet all of the ... READ MORE
King Phisher 0.2.1 Released
Yesterday, RSM released the latest version of their King Phisher phishing campaign toolkit. This version adds some exciting new features with a focus on usability. The message editor received some nice improvements, including syntax highlighting. The editor window now uses the GtkSourceView project to provide a more user friendly environment for writing and modifying ... READ MORE
King Phisher 0.2.0 Released
Today, RSM is releasing the latest version of the King Phisher phishing campaign toolkit. This version adds some excellent features for visualizing the results of a campaign to help with the analysis. Some of the features in this version were referenced in the Advanced Phishing Techniques webinar hosted by the RSM King Phisher team in March. Some of the newest features in ... READ MORE
King Phisher 0.1.7 Released
We are very pleased to announce today that the latest release of RSM's open source phishing toolkit, King Phisher, is now available. This latest release has lots of new features, client GUI improvements and stability fixes. Some of the highlights of version 0.1.7 include: Integration for checking SPF records Automatic CSRF page generation Full support for serving ... READ MORE
King Phisher 0.1.6 Released
The latest version of RSM's phishing tool King Phisher has been released with numerous improvements. King Phisher is RSM's Phishing Campaign toolkit of choice, developed internally to meet the demands of the engagements that the team encounters. Some of the new features in this release include: Support for email messages with inline images that do not need to be ... READ MORE