How #EmailSpoofing works and how to bypass main defense mechanisms. #SPF, #DKIM and #DMARC explained.

Email Spoofing is a social engineering attack where the attacker sends an email pretending to be someone else.

00:00 Email Spoofing Title
00:18 Why spoof emails
00:46 What am I going to talk about
01:01 Who am I
01:06 How email works
01:28 What is email spoofing
02:12 History of the email protocol
02:24 Defenses mechanisms
02:35 Email Server Reputation
03:06 What is inside an email
03:38 What is an email address
03:53 SPF: Sender Policy Framework
05:30 DKIM: DomainKeys Identified Mail
05:55 DMARC: Domain-based Message Authentication, Reporting and Conformance
06:56 Important Notes about test email spoofing
07:18 Hands on: Find a server
07:46 Hands on: Sendemail tool on Kali Linux
08:50 Hands on: How to check SPF, DKIM and DMARC results in gmail
09:08 Who am I

Paulo Murer
Head of cybersecurity at #Dextra

[ Ссылка ]
[ Ссылка ]

свернуть