Session

Getting your scope in control during a Quishing Red Teaming Assessment

Red teaming can be challenging, especially when simulating real-world attacks like QR code phishing (“quishing”) within a tightly defined scope. How do you credibly launch a phishing campaign without wanting to know the specific targets, exposing sensitive information, or putting unintended users at risk?

This session offers a behind-the-scenes look at how our team tackled these constraints. We will dig into some open-source tools that can be used, some custom tweaks that we made to make it more secure and believable, and the pitfalls you can hopefully avoid.

We will walk you through the attack chain: from the phishing poster, to using a customized Evilginx to perform in-scope determination, to generating a believable ending for our "users", and, to close, some automated attacks that can be performed as a follow-up.

> Depending on whether it is a lightning talk or a main stage talk, we can go deeper into the technical details (how to modify Evilginx, poster OPSEC setup) or give a more general explanation of the attack and the lessons learned.

Bob van der Staak

Ethical hacker / Red teamer @ Nederlandse Spoorwegen

Rotterdam, The Netherlands
