What tools are covered in this skill?

It provides detailed usage guides for Shellphish, which simulates credential harvesting for popular sites, and Wifiphisher, which targets WiFi network vulnerabilities.

Do I need specific hardware for WiFi phishing simulations?

Yes, for WiFi-based social engineering, you typically need WiFi adapters that support monitor mode and Access Point (AP) mode on a Linux-based system like Kali Linux.

Is this skill for illegal hacking?

No, this skill is strictly for authorized penetration testing and security awareness training. It requires explicit written consent from the target organization before any simulation begins.

Can this skill help my organization defend against phishing?

Yes, it includes guidance on implementing technical defenses like SPF, DKIM, and DMARC, as well as strategies for effective employee security awareness training.

Does this skill automate the actual phishing process?

It acts as a guide and assistant, providing the necessary commands, workflow steps, and best practices for a security professional to execute the tools manually.

Phishing Simulation & Security Awareness

Name: Phishing Simulation & Security Awareness
Author: zebbern

byzebbern

•

Seguridad y Pruebas

Guides security professionals through authorized phishing simulations and social engineering tests using tools like Shellphish and Wifiphisher.

Acerca de

This skill provides a comprehensive framework for conducting ethical phishing campaigns and security awareness training. It equips users with detailed guides for credential harvesting simulations with Shellphish, WiFi-based social engineering using Wifiphisher, and best practices for crafting realistic phishing pretexts. Designed for authorized penetration testing, it helps organizations identify human-centric vulnerabilities, measure security awareness, and implement technical defenses like SPF/DKIM/DMARC to mitigate real-world social engineering threats.

Características Principales

Guidelines for technical defenses including SPF, DKIM, and DMARC verification
10 GitHub stars
Templates for crafting convincing social engineering pretexts
Step-by-step guides for Shellphish credential harvesting templates
WiFi phishing (Evil Twin) attack workflows with Wifiphisher
Reporting frameworks for security awareness and vulnerability assessments

Casos de Uso

Conducting authorized internal phishing simulations to test employee security awareness
Educational demonstrations of social engineering tactics for security training
Performing WiFi security audits using rogue access point simulations

Acerca de

Características Principales

Guidelines for technical defenses including SPF, DKIM, and DMARC verification
10 GitHub stars
Templates for crafting convincing social engineering pretexts
Step-by-step guides for Shellphish credential harvesting templates
WiFi phishing (Evil Twin) attack workflows with Wifiphisher
Reporting frameworks for security awareness and vulnerability assessments

Casos de Uso

Conducting authorized internal phishing simulations to test employee security awareness
Educational demonstrations of social engineering tactics for security training
Performing WiFi security audits using rogue access point simulations