Walkthrough showcasing how the EvilSlackbot red team framework can be used to send simulated phishing messages, malicious files, and search for leaked secrets within Slack Workspaces.
Slides from the Black Hat MEA talk
I created this Slack attack framework for red teams and pentesters conducting Phishing simulations within Slack workspaces. EvilSlackbot utilizes xoxb bot tokens and allows you to send Spoofed bot messages, phishing links, files, and search Slack for leaked secrets via a keyword search.
This tool can also be used to automate slack phishing exercises, by feeding EvilSlackbot a list of emails you would like to test by sending them simulated phishing messages.
Hello everyone! I recently developed a python program for hiding files inside images (steganography) and I'm right now working on a encryption system too.
This is just a fun little project and also my first to reach > 100 stars. I'd love to see someone contribute in any way, whether that is a pull request or any kind of issue. I'd prefer if people used the GitHub repo for asking questions, requesting features or reporting a bug (of course I'll answer questions here too, asking them on the GitHub page can let other people see the answer too tho).
Thanks for reading through this, hope you'll like the project!
My analysis on the recently dismantled ipstorm golang malware. Itβs rather noisy for malware.