phishing-simulation-skill

Solid

Phishing simulation campaign execution and analysis for security awareness assessment

AI & Automation 1,160 stars 71 forks Updated today MIT

Install

View on GitHub

Quality Score: 96/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Phishing Simulation Skill ## Purpose Execute and analyze phishing simulation campaigns to assess organizational security awareness, identify high-risk users, and measure the effectiveness of security training programs. ## Capabilities ### Campaign Template Generation - Create realistic phishing email templates - Design landing pages for credential harvesting simulations - Generate attachment-based simulation scenarios - Create spear-phishing templates using OSINT - Develop pretexting scenarios - Build multi-stage attack simulations ### Campaign Execution - Schedule and launch simulation campaigns - Manage target user groups - Configure sending parameters (timing, throttling) - Handle bounce and delivery tracking - Implement safe landing pages - Manage campaign duration and scope ### User Response Tracking - Track email open rates - Monitor link click rates - Record credential submission attempts - Track attachment opens - Measure response times - Identify repeat offenders ### Awareness Reporting - Generate campaign summary reports - Create department-level breakdowns - Produce trend analysis over time - Compare against industry benchmarks - Generate executive dashboards - Export data for further analysis ### Risk User Identification - Identify users who clicked links - Flag users who submitted credentials - Track repeat high-risk behavior - Score user security awareness - Prioritize users for additional training ### Training Recommendations - Recommend targeted tra...

Details

Author
a5c-ai
Repository
a5c-ai/babysitter
Created
4 months ago
Last Updated
today
Language
JavaScript
License
MIT

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

executing-phishing-simulation-campaign

Executes authorized phishing simulation campaigns to assess an organization's susceptibility to email-based social engineering attacks. The tester designs realistic phishing scenarios, builds credential harvesting infrastructure, sends targeted phishing emails, and tracks open rates, click-through rates, and credential submission rates to measure human security awareness. Activates for requests involving phishing simulation, social engineering assessment, email security testing, or security awareness measurement.

13,115 Updated today
mukul975
DevOps & Infrastructure Listed

phishing-sim

Phishing-simulation campaign workflow — RoE and ethical-scope template, population segmentation, pretexting patterns (HR/IT/finance/vendor/calendar), infrastructure (sender domain, SPF/DKIM/DMARC, tracking), click-rate and credential-success metrics, opt-out and duty of care, NL/EU AVG context for employee monitoring.

4 Updated 1 weeks ago
roodlicht
AI & Automation Featured

conducting-spearphishing-simulation-campaign

Spearphishing simulation is a targeted social engineering attack vector used by red teams to gain initial access. Unlike broad phishing campaigns, spearphishing uses OSINT-derived intelligence to craf

13,115 Updated today
mukul975
AI & Automation Featured

performing-phishing-simulation-with-gophish

GoPhish is an open-source phishing simulation framework used by security teams to conduct authorized phishing awareness campaigns. It provides campaign management, email template creation, landing pag

13,115 Updated today
mukul975
AI & Automation Featured

implementing-anti-phishing-training-program

Security awareness training is the human layer of phishing defense. An effective anti-phishing training program combines regular simulations, interactive learning modules, metric tracking, and positiv

13,115 Updated today
mukul975