PhishReportCS is a penetration testing and red teaming tool that automates the phishing campaign reporting process for Cobalt Strike phishing campaigns.
Main Features
- Automated phishing campaign reporting
- A phishing report that combines the Cobalt Strike TSV files
- A phishing report that highlights all phishing clicks
- A phishing report that is converted into a reporting format similar to PhishMe but with additional data
- A phishing report that customized to highlight important details from the phishing campaign
Requirements
Installation
Clone the GitHub repository
git clone https://github.com/centralinfosec/Cobalt-Strike-Phishing-Campaign-Reporting /opt/Central-InfoSec/Cobalt-Strike-Phishing-Campaign-Reporting
Usage
- Load the Custom Cobalt Strike Aggressor Script (PhishingProfiler.cna)
- Execute a phishing campaign with Cobalt Strike
- Export the Cobalt Strike phishing data in TSV files
- Update the directory names in the PowerShell script (Lines 14, 17, & 20)
- Run the following PowerShell script:
CreatePhishingReportsFromCobaltStrikePhishingCampaign.ps1Example Screenshots
Input Files
Example of EmployeeDetails.csv
Output Files
Example of Phishing Campaign Report 1
Example of Phishing Campaign Report 2
Example of Phishing Campaign Report 3
Example of Phishing Campaign Report 4
The Best Pen Test Company - Central InfoSec
Let’s Work Together
If you’d like to see why Global 100 named Central InfoSec as the Best Boutique Penetration Testing Company and why Corporate Vision selected Central InfoSec as the Best Penetration Testing Firm, let's have a chat to see how you could benefit from Central InfoSec security services. It’s simple and easy. We’ll even include a free customized quote. Let’s get started: Contact Us
Central InfoSec was named the best boutique pen test company and the best pen test firm because we offers some of the best pentest services to help you test, measure, and improve your overall security posture. Security services offered include red teaming, penetration testing, vulnerability assessments, cloud (AWS / Azure) penetration testing, web application pen testing, managed phishing, and other tailored security services to help you reduce risk to your organization.