phishing-frenzy
phishing-frenzy copied to clipboard
pentestgeek
Ruby on Rails Phishing Framework
I run into this when trying to clone any website, I have attached a screenshot of the output. 
Maybe something like https://jejacks0n.github.io/mercury/ could be integrated?
Sidekiq should be daemonized on system start? e.g. with the following script: http://cdyer.co.uk/blog/init-script-for-sidekiq-with-rbenv in `/etc/init.d/sidekiq` and `update-rc.d sidekiq defaults`
Quickly add an unsubscribe link to the email - tracks user, but uses default unsubscribe template which may deploy/redirect to an exploit page etc? This gives a second chance to...
Poke @antisnatchor It would be super helpful to have a template site configuration which uses mod_proxy to forward appropriate external requests to a BeEF server. Or template configuration to add...
https://github.com/resque/resque-scheduler https://github.com/resque/resque
WebFEET attempts to downloads lots of files, and attempts to identify if they bypass proxy/av as it inspects the DOM afterwards to see if they are received. https://github.com/nccgroup/WebFEET
I often have no idea what payload may work - are macros disabled? Is there application whitelisting? etc so like to send multiple payload attachments. At present have to run...
If a target page to be cloned returns ERB code, I believe the calls to: render :inline => @clone.page https://github.com/pentestgeek/phishing-frenzy/blob/master/app/views/clones/show.html.erb#L15 https://github.com/pentestgeek/phishing-frenzy/blob/master/app/views/clones/preview.html.erb will execute that embedded code. It is not safe...
