POST-ENGAGEMENT

GATHERING EMAILS FROM S3

# Once the campaign has concluded , you can go to Amazon S3 -> Click on buckets option -> select your already created phishing bucket -> under ” objects ” tab , you will see all the victims responses as shown below. You can select all the responses and download it , so that it will be helpful for your report when you present it to your organization.

Untitled

# Once the file is downloaded , initially it will be without any extension. So to view the file change its extension by renaming it and then open the file.

REPORTING YOUR FINDINGS

# Remember your purpose : Communicating Risk

# Blurring usernames

# In case of moderate or high percentage of phished users then you need to go for ” User Awareness Training “

DE-PROVISIONING YOUR CAMPAIGN

# Either transfer your domain to your organization , the period of transfer is 2months in AWS.

# Else if they don’t need the domain , you can delete all the DNS records and MX records and let the domain goes inactive after an year . Also terminate your EC2 instance that is your ubuntu server on which the gophish and evilginx has been running.