Most of the attacks on an organizations occurs only through email phishing including few ransomware attacks.

RESEARCHING YOUR TARGET

1. Go to your targets website and check for ways to approach them to do phishing attack.( Example: Any names or mail address of that company might be present , so the attacker can use that mail ID as a victim. We should also do some OSINT research for getting a detailed information on the victim or target. )
2. Next you have to setup a phishing campaign in AWS -> Route53 -> Register Domain -> Search for the available domain and purchase. ( NOTE: Creating a proper phishing domain is essential for an attack to get succeed. )

EXAMPLE:-

• In Route53 check for the available names first. For instance I have checked for ” Valeo.com ” as shown below.

• Then you can either use the below suggestions or create a phishing domain which is hard to find using the Unicode characters from this site ( https://altcodeunicode.com/ )
• Here I have used the below Unicode character which will be hard to notice for most of the victims.

• So when I replaced this character in the target domain and checked the domain name seems to be available for me to purchase and use it for phishing attack.

( NOTE: The domain name is very hard to differentiate from the legitimate one. )

INTRODUCTION TO GOPHISH

# We will be using an open-source phishing framework known as ” go phish ( https://getgophish.com/ ) ” for our phishing campaign.

INTRODUCTION TO EVILGINX2

# It is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass two-factor authentication protection. ( https://github.com/kgretzky/evilginx2 )

# Check this blog for more info on the working of Evilginx ( BLOG : https://breakdev.org/tag/evilginx/ )

INTRODUCTION TO AWS FOR PHISHING