Building Gophish Healthcheck: Part One

One of the questions I see most often from Gophish users is “how do I get past my spam filter?” Generally, my answer to this is something along the lines of “just whitelist the IP address,” since it’s my opinion that phishing simulations should be a test of the people and processes, not the email infrastructure.

But what if we do want to test the email infrastructure?

This post is the first in a two-part series about how I’m creating the email healthcheck service for Gophish. This post talks about how I handle DNS programmatically, and the next post will describe the actual architecture being used.


Gophish Update: Getting Closer to Alpha!

Introduction

It’s been a busy couple of months!

I thought it would be worth providing a long-overdue update on the development status of gophish. Overall, the project is getting closer to beta status every day, and I’m hoping to see a 0.1 release at the end of March.

Without further ado, let’s dive in and see where we’re at.


Building GoPhish - How to Send Email with Go

Introduction

I’ve been playing around with Go for about a month now, and I’ve really grown to like it. After getting used to the syntax and remembering what a pointer is for (thanks, Python), Go has become a favorite language to develop with. I’m even using it for the Matasano Crypto Challenges (which are awesome).

While the standard library in Go is definitely robust, being a young language, there are a few niceties that aren’t yet included. Sending email is one of them. Don’t get me wrong, Go has a wonderful SMTP package, MIME package, and even a Mail package (which only parses existing email messages). However, there is no library to actually create emails in a meaningful way. Since Gophish relies heavily on sending emails, I’ve sought to change this. And, after reading more RFCs than I normally prefer, I believe I’ve created a package that provides intuitive, robust, and flexible email creation and sending called email.

Let’s see how to use it.


Building Gophish - Day 1

Introduction

Since the Simple Phishing Toolkit (SPT) was discontinued, I’ve wanted to create a simple, effective, and open-source phishing toolkit. In recent years, we’ve seen a rise in spear-phishing attacks targeting large organizations, most of which are largely successful. The goal of this toolkit will be to provide businesses and penetration testers with the ability to quickly and easily perform in-house or contracted phishing engagements, and track the responses to see where improvements can be made. This toolkit will be called gophish.

In addition to this, I’ve been casually poking around at Go for a while now, and have decided it would be good to finally put it to use in a larger project. I’m a fan of seeing the steady development and updates of projects as they are created. I believe it can help keep the developer motivated and the users informed and involved, so this is what I’m going to do. Hopefully, these posts will allow others to learn alongside me, as well as spur improvements from experienced Go developers so that gophish can be the best product possible.

With that being said - let’s get started!
