Strengthen Your Phishing with Apache mod_rewrite and Mobile User Redirection Logo

Strengthen Your Phishing with Apache mod_rewrite and Mobile User Redirection

0
Free
Visit Website

Often times a corporate internal network is heavily locked down. Workstations are restricted with limited internet access. These controls are often less strict on mobile devices (or sometimes not present), especially with BYOD being implemented more and more. While phishing, Apache access logs often show mobile devices accessing the malicious page, yet no sessions are established. I investigated a number of ways to solve the problem and ultimately landed on using Apache’s Rewrite module. The more I learned about mod_rewrite’s abilities, the more benefit I saw in using Apache redirectors for phishing. This post is the first in a series of posts about solving common problems that plague phishing including users visiting a malicious website on their mobile device, users visiting non-existent resources on our fake domains, serving OS-specific payloads, slowing incident responders’ investigations, expiring phishing links, and changing payloads on the fly. The post series is intended to introduce you to using Apache as a phishing redirector and using it to solve common phishing problems, and will hopefully pique your interest into learning more about what Apache can do for your phishing.

FEATURES

ALTERNATIVES

A C2 front flow control tool designed to evade detection by Blue Teams, AVs, and EDRs.

SharpPrinter enables efficient discovery of network printers for security and management purposes.

Collection of Return-Oriented Programming challenges for practicing exploitation skills.

A reconnaissance tool that retrieves information from Office 365 and Azure Active Directory using a valid credential.

Cutting-edge open-source security tools for adversary simulation and threat hunting.

Interactive online malware sandbox for real-time analysis and threat intelligence

Mortar is an evasion technique to defeat and divert detection and prevention of security products, including AV, EDR, and XDR solutions.

A managed code hooking template for .NET assemblies, enabling API hooking, code injection, and runtime manipulation.