all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

EvilSlackbot: A Slack Attack Framework

Add to bookmarks
Nov. 27, 2023, 2:07 p.m. | /u/Dr_Mantis_Tobbogon

/r/netsec - Information Security News & Discussion www.reddit.com

I created this Slack attack framework for red teams and pentesters conducting Phishing simulations within Slack workspaces. EvilSlackbot utilizes xoxb bot tokens and allows you to send Spoofed bot messages, phishing links, files, and search Slack for leaked secrets via a keyword search.

This tool can also be used to automate slack phishing exercises, by feeding EvilSlackbot a list of emails you would like to test by sending them simulated phishing messages.

attack attack framework bot exercises files framework leaked leaked secrets links messages netsec phishing phishing links red teams search secrets send simulations slack spoofed teams tokens tool

Visit resource

More from www.reddit.com / /r/netsec - Information Security News & Discussion

Exfiltrate WhatsApp chat, or internal data of any Android app, running on Android 12 or … 15 hours ago | www.reddit.com
android android app app chat +9
Microsoft Windows Endpoint Forensics Readiness Booster 18 hours ago | www.reddit.com
endpoint forensics microsoft microsoft windows +2
ScriptBlock Smuggling: Spoofing PowerShell Security Logs and Bypassing AMSI Without Reflection or Patching 18 hours ago | www.reddit.com
amsi bypassing logs netsec +5
Bypassing Okta’s Passwordless MFA: Technical Analysis and Detection 19 hours ago | www.reddit.com
analysis bypassing detection mfa +6
Abusing title reporting and tmux integration in iTerm2 for code execution (CVE-2024-38396) 22 hours ago | www.reddit.com
abusing code code execution cve +5
Iconv, set the charset to RCE (part 2): Remote code execution on Roundcube (CVE-2024-2961) 23 hours ago | www.reddit.com
code code execution cve cve-2024 +6
Encrypt/decrypt with SSH keys 2 days, 19 hours ago | www.reddit.com
decrypt encrypt keys netsec +2
Exploiting File Read Vulnerabilities in Gradio to Steal Secrets from Hugging Face Spaces: CVE-2023-51449 and … 3 days, 18 hours ago | www.reddit.com
cve exploiting file hugging face +4
Introducing YetiHunter: An open-source tool to detect and hunt for Suspicious activity in Snowflake 4 days, 14 hours ago | www.reddit.com
detect hunt netsec snowflake +1

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Technology Specialist I, LACERA: Information Security Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA
View on infosec-jobs.com

Security Compliance Manager

@ Aptiv | USA Boston Software Office 100 Northern - Eng
View on infosec-jobs.com

Senior Radar Threat Analyst | Secret clearance

@ Northern Trust | USA CA Point Mugu - 575 I Ave, Bldg 3015 (CAC212)
View on infosec-jobs.com

Space Information Systems Security Engineer (ISSE)

@ Parsons Corporation | USA VA Chantilly (Client Site)
View on infosec-jobs.com

Information Systems Security Manager -Journeyman

@ Parsons Corporation | USA CO Colorado Springs (5450 Tech Center Drive)
View on infosec-jobs.com

Information Systems Security Officer (ISSO) II

@ Northern Trust | USA CA Riverside - Customer Proprietary (CAC225)
View on infosec-jobs.com