Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Mon, 5 Aug 2019 12:56:33 +0200
From: zugtprgfwprz@...rnkuller.de
To: oss-security@...ts.openwall.com
Subject: Re: New Tool - Phishing Simulation

Hi Jyoti,

On 05.08.19 11:50, jeny raval wrote:

> I have developed this tool "Phishing Simulation", which might be a good fit
> for your arsenal.
> 
> https://github.com/jenyraval/Phishing-Simulation
> 
> I will also be presenting this one at defcon this year. Let me know if any
> more information is needed.

It sounds interesting, I checked it out. Here's some feedback: I had
trouble figuring out immediately what the tool did. The information in
the README doesn't make it all too clear in my opinion.

For example, it says that it's an interactive tutorial, but you don't
need "any actual setup". Further down it apparently requires a webserver
and database server and mentions a future Docker setup description. So
that's a tad bit confusing. I.e., I think when you're referring to "no
infrastructure" is that you don't need to have an Internet-facing host
or something like that? And that the tutorial infrastructure could be
installed locally and users directed to that?

Maybe you could add how it does actually work in practice. I.e., do I
install it locally on one host and give out URIs to users who I want to
test and they complete the tutorial/quiz? Maybe you could use GitHub
pages to include screenshots of how that looks?

I'd be curious as to how it all works, but it'd be really cool if I
could get more info without having to go through the motions of actually
installing everything :)

Thanks for sharing,
All the best,
Joe


-- 
"A PC without Windows is like a chocolate cake without mustard."

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.