Where companies get their teams secured.

Riot is the leading employee security posture management platform,
keeping thousands of the world's leading companies safe from hackers.

Related contents:

• #310.ad - Devenir CEO: Devenir CEO d'une boite tech avec Benjamin Netter @ <ifttd> .

AntiSquat leverages AI techniques such as natural language processing (NLP), large language models (ChatGPT) and more to empower detection of typosquatting and phishing domains.

Related contents:

• AntiSquat : l’IA qui traque les faux sites avant qu’ils ne vous piégent ! @ Laurent Biagotti's LinkedIn .

l'humain au cœur de la cybersécurité.
La sensibilisation à la cybersécurité réinventée
qui divise par 10 le risque de cyberattaque

A l’aide d’un programme de sensibilisation au phishing
basé sur l’apprentissage par l’action,
créé sur mesure pour chaque utilisateur
et animé sur la durée sans intervention de votre part

Swordphish is a platform allowing to create and manage fake phishing campaigns.

The goal of Swordphish is to raise awareness of your users regarding phishing easily and in a secure way.

• SwordPhish @ GitHub.

Related contents:

• Episode #486: Interview de Frederic Le Bastard et de Franck Bonnard Du Groupe La Poste @ NoLimitSecu .

PhishTool automatically retrieves all of the relevant metadata from a phishing email, providing you with the most comprehensive technical view of a phishing email possible. This combined with our OSINT and heuristic detection, makes PhishTool one seriously powerful tool.

EvilnoVNC is a Ready to go Phishing Platform.

Unlike other phishing techniques, EvilnoVNC allows 2FA bypassing by using a real browser over a noVNC connection.

In addition, this tool allows us to see in real time all of the victim's actions, access to their downloaded files and the entire browser profile, including cookies, saved passwords, browsing history and much more.

Check if an IP address or domain is malicious.

isMalicious is a cybersecurity API that helps protect your web applications from malicious or suspicious actors.

phishing domain scanner.

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation.
See what sort of trouble users can get in trying to type your domain name. Find lookalike domains that adversaries can use to attack you. Can detect typosquatters, phishing attacks, fraud, and brand impersonation. Useful as an additional source of targeted threat intelligence.

• dnstwist @ GitHub.
• DNSTwist - Domain Name Permutation Engine @ Laurent M.'s LinkedIn .

Stop trying to avoid phishing. Choose a weapon and fight it...

PhishTool gives human analysts the power to reverse engineer phishing emails, to better defend against them. PhishTool is to phishing emails as a disassembler is to malware or a forensic toolkit is to file systems.

HookPhish is a Python script designed to aid in the detection of phishing websites.
It performs various checks on suspected URLs to identify potential threats.

An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !

Related contents:

• Nexphisher @ GitHub.

Open-Source Phishing Framework

Gophish is a powerful, open-source phishing framework that makes it easy to test your organization's exposure to phishing.

• Gophish @ GitHub

Sources:

• Sensibilisation des utilisateurs : création d’une campagne de phishing avec Gophish et Microsoft 365 @ IT-Connect .
• Déployer un reverse proxy Nginx et un certificat Let’s Encrypt pour Gophish @ IT-Connect .

Can you spot when you’re being phished?