What tools are covered in this skill?

It provides detailed usage guides for Shellphish, which simulates credential harvesting for popular sites, and Wifiphisher, which targets WiFi network vulnerabilities.

Do I need specific hardware for WiFi phishing simulations?

Yes, for WiFi-based social engineering, you typically need WiFi adapters that support monitor mode and Access Point (AP) mode on a Linux-based system like Kali Linux.

Is this skill for illegal hacking?

No, this skill is strictly for authorized penetration testing and security awareness training. It requires explicit written consent from the target organization before any simulation begins.

Can this skill help my organization defend against phishing?

Yes, it includes guidance on implementing technical defenses like SPF, DKIM, and DMARC, as well as strategies for effective employee security awareness training.

Does this skill automate the actual phishing process?

It acts as a guide and assistant, providing the necessary commands, workflow steps, and best practices for a security professional to execute the tools manually.

Phishing Simulation & Security Awareness

Name: Phishing Simulation & Security Awareness
Author: zebbern

byzebbern

•

Seguridad y Pruebas

Guides security professionals through authorized phishing simulations and social engineering tests using tools like Shellphish and Wifiphisher.

This skill provides a comprehensive framework for conducting ethical phishing campaigns and security awareness training. It equips users with detailed guides for credential harvesting simulations with Shellphish, WiFi-based social engineering using Wifiphisher, and best practices for crafting realistic phishing pretexts. Designed for authorized penetration testing, it helps organizations identify human-centric vulnerabilities, measure security awareness, and implement technical defenses like SPF/DKIM/DMARC to mitigate real-world social engineering threats.

Características Principales

01Guidelines for technical defenses including SPF, DKIM, and DMARC verification

0210 GitHub stars

03Templates for crafting convincing social engineering pretexts

04Step-by-step guides for Shellphish credential harvesting templates

05WiFi phishing (Evil Twin) attack workflows with Wifiphisher

06Reporting frameworks for security awareness and vulnerability assessments

Casos de Uso

01Conducting authorized internal phishing simulations to test employee security awareness

02Educational demonstrations of social engineering tactics for security training

03Performing WiFi security audits using rogue access point simulations

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add zebbern/secops-cli-guides phishing-attacks

For use in Claude.ai and ChatGPT

Download Skill