Skill UI

This guide outlines the comprehensive process for planning and executing authorized vishing (voice phishing) pretext calls. Used in red teaming exercises, it assesses employee susceptibility to social engineering attacks and evaluates the effectiveness of existing security awareness controls. Key steps include OSINT research, developing believable pretexts (e.g., IT helpdesk impersonation), structured call execution, and collecting detailed metrics.

This guide details the end-to-end process for executing authorized phishing simulations. It instructs security teams and red teams on designing realistic social engineering pretexts, setting up credential harvesting infrastructure (using tools like GoPhish), and measuring key metrics such as open rates, click-through rates, and credential submission rates. It is crucial for assessing organizational human security awareness and testing email security controls (e.g., DMARC, SPF, DKIM).

This comprehensive guide details how to design, deploy, and measure a robust anti-phishing security awareness program. By combining regular simulations, interactive role-based learning modules, and metric tracking, organizations can build a strong security-conscious culture. It covers initial baseline assessments, continuous difficulty scaling, and compliance alignment using industry-leading tools like KnowBe4 and Proofpoint.

A comprehensive guide to deploying Palo Alto Networks Next-Generation Firewalls (NGFWs). Covers advanced security techniques like App-ID for application awareness, User-ID for identity mapping, zone-based policy enforcement, SSL decryption, and robust threat prevention profiles. Essential for building enterprise-grade network security architectures.

This skill provides a comprehensive automation solution for conducting red team phishing simulations using the Python gophish library. It streamlines the entire campaign lifecycle, including creating sophisticated email templates with tracking pixels, configuring SMTP profiles, importing user groups from CSV, launching targeted attacks, and generating detailed reports on open rates, click-through rates, and credential submission statistics for robust security awareness assessments.

This guide provides essential security and technical guidance for integrating Wispr Flow's voice-to-text API. It covers best practices for authentication (API keys, access tokens), utilizing streaming methods like WebSockets, handling common API errors, and optimizing context awareness for high-accuracy transcription in various applications.

This skill details the process of building and maintaining a comprehensive anti-phishing training program. It covers establishing baseline susceptibility assessments, deploying regular, progressive simulations, and providing interactive, role-based learning modules (using platforms like KnowBe4 or Proofpoint). The focus is on measuring and improving the human layer of defense against social engineering and sophisticated phishing attempts, thereby fostering a continuous security culture.

A comprehensive guide for conducting authorized vishing (voice phishing) pretext calls. This technique, utilized in red-teaming, simulates an attacker impersonating a trusted authority (e.g., IT support, vendor) to test an organization's human security controls. It measures employee adherence to verification protocols and highlights vulnerabilities in staff security awareness.