DeepSea phishing gear aims to help RTOs and pentesters with the delivery of opsec-tight, flexible email phishing campaigns carried out on the outside as well as on the inside of a perimeter.
Goals
- Operate with a minimal footprint deep inside enterprises (Internal phish delivery).
- Seamlessly operate with external and internal mail providers (e.g. O365, Gmail, on-prem mail servers)
- Quickly re-target connectivity parameters.
- Flexibly add headers, targets, attachments
- Correctly format and inline email templates, images and multipart messages.
- Use content templates for personalization
- Account for various secure email communication parameters
- Clearly separate artifacts, mark databases and content delivery for multiple (parallel or sequential) phishing campaigns.
- Help create content with minimal dependencies. Embedded tools to support Markdown->HTML->TXT workflow.
45 config lines is all you need to consistently send a decent phish ...
Read more here
cd ~/go/src/
export GOPATH=~/go
git clone https://github.com/dsnezhkov/deepsea
cd deepsea
export GO111MODULE=on
go get
go build -o deepsea main.go
mkdir -p campaigns/campaign1
cp conf/template.yaml campaigns/campaign1/campaign1.yaml
cd campaigns/campaign1
- edit campaign.yaml
See the descriptions of directives in the template
- edit marks.csv
ident,email,firstname,lastname
<dynamic>,user@gmail.com,,
Note: Manual step (TBD for resolution):
- Create DB file:
touch campaign.db
- load marks from CSV (command line params shown, but could also be defined in the yml)
../../deepsea --config campaign1.yaml storage -d ./campaign.db load -s ./marks.csv
Alternatively, split db management tasks:
- create DB
../../deepsea --config campaign1.yaml storage -d ./campaign.db manager -T createtable
Using config file: ./campaign1.yaml
2019/11/18 13:16:16 Task: createtable
2019/11/18 13:16:16 Creating Marks table
- load marks from CSV
../../deepsea --config campaign1.yaml storage -d ./campaign.db load -s ./marks.csv
Using config file: ./campaign.yaml
2019/11/18 13:21:11 Dropping table Mark if exists
2019/11/18 13:21:11 Creating Marks table
2019/11/18 13:21:11 Pointing to mark table
2019/11/18 13:21:11 Removing existing rows if any
2019/11/18 13:21:11 Inserting a row
2019/11/18 13:21:11 Querying for result : find()
2019/11/18 13:21:11 Getting all results
2019/11/18 13:21:11 Printing Marks
vobi97v7, user@gmail.com, , .
- you can verify the marks are loaded
../../deepsea --config ./campaign.yaml storage -d ./campaign.db manager -T showmarks
Using config file: ./campaign.yaml
2019/11/18 13:22:17 Task: showmarks
2019/11/18 13:22:17 Querying for result : find()
-= Table: Marks =-
vobi97v7, user@gmail.com, , .
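A pre-load check for marks.csv, run before `storage load`, keeps an authorized campaign inside its agreed scope. This is an added example, not part of DeepSea: `CheckMarks`, the `inScope` allowlist and the `corp.example` sample rows are assumptions for illustration; only the CSV header comes from this page.

```go
package main

import (
	"encoding/csv"
	"fmt"
	"net/mail"
	"strings"
)

// Constructed sample; corp.example stands in for the engagement's approved domain.
const sampleMarks = `ident,email,firstname,lastname
<dynamic>,alice@corp.example,Alice,A
<dynamic>,bob@other.example,Bob,B
<dynamic>,alice@corp.example,Alice,A
<dynamic>,not-an-email,,
<dynamic>,carol@corp.example
`

// CheckMarks lists problems in a marks.csv body; inScope is a hypothetical domain allowlist.
func CheckMarks(data string, inScope map[string]bool) []string {
	r := csv.NewReader(strings.NewReader(data))
	r.FieldsPerRecord = -1 // report short rows ourselves instead of aborting
	rows, err := r.ReadAll()
	if err != nil || len(rows) == 0 || strings.Join(rows[0], ",") != "ident,email,firstname,lastname" {
		return []string{"unreadable CSV or unexpected header"}
	}
	problems, seen := []string{}, map[string]bool{}
	for i, row := range rows[1:] { // header is row 1, so data starts at row 2
		if len(row) != 4 {
			problems = append(problems, fmt.Sprintf("row %d: want 4 fields, got %d", i+2, len(row)))
			continue
		}
		e := strings.ToLower(row[1])
		a, err := mail.ParseAddress(e)
		switch {
		case err != nil || a.Address != e: // bare address only, no display name
			problems = append(problems, fmt.Sprintf("row %d: bad email %q", i+2, row[1]))
		case !inScope[e[strings.LastIndex(e, "@")+1:]]:
			problems = append(problems, fmt.Sprintf("row %d: %s is out of scope", i+2, e))
		case seen[e]:
			problems = append(problems, fmt.Sprintf("row %d: duplicate %s", i+2, e))
		}
		seen[e] = true
	}
	return problems
}

func main() {
	fmt.Println(strings.Join(CheckMarks(sampleMarks, map[string]bool{"corp.example": true}), "\n"))
}
```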
Two methods: templated and hand-rolled
- Get a decent HTML template. Ex:
wget https://raw.githubusercontent.com/leemunroe/responsive-html-email-template/master/email.html
- Write content: introduce key/value pairs from the yml's template-data/dictionary and interpolate them in the template
- Inline CSS (if needed) when done with the template (.htpl)
../../deepsea mailclient --config ./campaign.yaml content inline
- Create a TXT version from the HTML version (.ttpl)
../../deepsea mailclient --config ./campaign.yaml content multipart
DeepSea provides tools to help roll your own HTML. Most likely you will want to:
- Create HTML snippets from Markdown for fast prototyping
- HTML to TEXT for seeing how HTML structure looks in terminal and multipart testing
- Inline CSS Styling for older clients
- Multipart messages
Example (MD2HTML):
../../deepsea mailclient --config ./campaign.yaml content md2html -M ./campaigns/campaign1.md -H ./campaigns/campaign1.html
#STDOUT
../../deepsea mailclient --config ./campaign.yaml content md2html -M ./campaigns/campaign1.md
../../deepsea mailclient --config ./campaign.yaml content html2text -K ./campaigns/campaign1.html -L ./campaigns/campaign1.txt
../../deepsea mailclient --config ./campaign.yaml
Using config file: ./campaign.yaml
SMTP Server : smtp.office365.com
SMTP Port : 587
SMTP User : user@outlook.com
SMTP TLS : yes
From: user@outlook.com
To: campaign.db
Subject: Subject.
Text Template: message.ttpl
HTML Template: message.htpl
-= SMTP Authentication Credentials for smtp.office365.com =-
Enter Password:
2019/11/18 18:14:18 Pointing to mark table
2019/11/18 18:14:18 Querying for result : find()
2019/11/18 18:14:18 Getting all results
2019/11/18 18:14:18 -= Marks =-
Emailing: user@gmail.com [id:vobi97v7]
Note: We ask for password on the email provider account interactively for now.
If you need to run the campaign against test emails, you can reload test marks. To do that, recycle the data in the marks table like so:
../../deepsea --config ./campaign.yaml storage manager -T recycletable
Using config file: ./campaign.yaml
2019/11/18 18:39:17 Task: recycletable
2019/11/18 18:39:17 Dropping table Mark if exists
2019/11/18 18:39:17 Creating Marks table
- edit marks.csv
- load test marks
../../deepsea --config ./campaign.yaml storage load