Yet another development, infosec and offensive security blog

Category archive for phishing

Phishing for Slack-tokens

04 Feb 2021
Slack (and other Electron apps) often use cookies to store session/access tokens. Perhaps we can extract and use these tokens for phishing awareness training?

Creating fake alerts in phishing emails

06 Nov 2020
Use CSS and HTML to hide and replace administrator injected alerts in Office 365