C2 Setup
General
Register a custom domain and set up Let's Encrypt to get a valid certificate. Then use a reverse proxy to forward traffic to the C2, which is only reachable on localhost (or on a remote server).
Apache reverse proxy
The idea is to proxy only certain endpoints to the C2 server (change the default profile and make an entry for each route).
Phishing Setup
Register an account with njal.la and buy a similar-sounding domain anonymously.
Register an account with Mailgun and subscribe to enable custom domains, then register your fresh domain there and make the required DNS entries.
Set up a GoPhish server on an EC2 instance and use the Mailgun SMTP credentials to send mails.
Then set up a good landing page, link the page in your email and have the page contain a download link for a document, exe etc., depending on your pretext.
Finally, test your mail against a private address and, if everything works out, send it to the targets. Make sure the pretext contains calls to action and a sense of urgency (e.g. install this software to keep working remotely, fill in this document to receive something etc.).
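Seen from the receiving side, the similar-sounding sender domain in the steps above is something a mail gateway can flag. The following is an added example, not part of the original notes: the protected domain `examplecorp.com`, the log format, the sample lines and the distance threshold are all constructed assumptions, and the last DNS label is treated as the TLD (no public-suffix handling).

```python
"""Flag sender domains that resemble a protected domain (added example)."""
# Visual substitutions folded before comparison (assumed, not exhaustive).
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "-": ""})

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance using a rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def normalise(domain: str) -> str:
    """Take the label left of the TLD and fold confusable characters."""
    parts = domain.lower().rstrip(".").split(".")
    label = parts[-2] if len(parts) > 1 else parts[0]
    return label.replace("rn", "m").translate(CONFUSABLES)

def is_lookalike(sender_domain: str, protected: str, max_distance: int = 2) -> bool:
    """True when sender_domain is not the protected domain but resembles it."""
    s, p = sender_domain.lower().rstrip("."), protected.lower().rstrip(".")
    if s == p or s.endswith("." + p):
        return False  # the real domain or one of its subdomains
    return edit_distance(normalise(s), normalise(p)) <= max_distance

def flag_senders(log_lines, protected):
    """Return sender addresses whose domain resembles `protected`."""
    hits = []
    for line in log_lines:
        fields = dict(f.split("=", 1) for f in line.split() if "=" in f)
        addr = fields.get("from", "")
        if "@" in addr and is_lookalike(addr.rpartition("@")[2], protected):
            hits.append(addr)
    return hits

# Constructed gateway log lines in an assumed key=value format.
SAMPLE_LOG = [
    "ts=2024-01-01T09:00:00Z from=it-support@examp1ecorp.com to=alice@examplecorp.com",
    "ts=2024-01-01T09:01:00Z from=bob@examplecorp.com to=alice@examplecorp.com",
    "ts=2024-01-01T09:02:00Z from=helpdesk@example-corp.net to=carol@examplecorp.com",
    "ts=2024-01-01T09:03:00Z from=news@unrelated-vendor.org to=carol@examplecorp.com",
]

if __name__ == "__main__":
    print(flag_senders(SAMPLE_LOG, "examplecorp.com"))
```

Combining a hit from this check with domain age and a recently issued certificate reduces false positives from legitimate vendors with similar names.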