Hook, Line, and Tinker: A Dive into Phishing Campaign Sites
Rick Ramgattie
BSidesSF 2024 · Day 1
In his BSidesSF 2024 talk, "Hook, Line, and Tinker: A Dive into Phishing Campaign Sites," Rick Ramgattie, an ABC Engineer at Gemini Trust Company, presented a practical exploration of active phishing campaigns. The presentation detailed three distinct case studies in which Ramgattie, drawing on his background in application security and a passion for threat hunting, actively engaged with adversary infrastructure to understand phishing methodologies, identify vulnerabilities in defensive controls, and ultimately improve the security posture of affected organizations.
AI review
This talk is a masterclass in practical adversary infrastructure analysis. Ramgattie dives deep into three distinct phishing campaigns, demonstrating hands-on techniques to uncover attacker methods, from Cloudflare WAF bypasses and sophisticated AiTM proxying to exploiting misconfigured PHP servers leaking SMTP logs and web3 wallet draining. The focus on actionable intelligence derived from direct interaction with adversary infrastructure provides invaluable insights for any serious defender.