~CloudopsDigest~

  The title of this article was supposed to be “Top 5 Free Phishing Simulators.” However, after much searching. The final list does not include any of the fishy apps that let you create a fake website or phishing site for collecting data. I wanted to focus on tools that allow you to actually run a phishing campaign on your own i.e. create and send at least one phishing email to a real recipient. Basically, if you are looking for a free phishing simulator for your company, you are down to three choices and many more are there; 1) Open-source phishing platforms  2) Demo versions of commercial products 3) Simple tools that will allow you to craft a simple email message and send it to one or several recipients using a specified mail server 5 Simulators are ;  1.Infosec IQ 2. Gophish 3.Phishing Frenzy 4.King Phisher 5.Social-Engineer Toolkit (SET)   

  Please refer this video to achieve this LAB. You can refer my youtube channel for more videos.

  VPC Flow logs Flow Logs feature can be used as a security tool to monitor the traffic that is reaching your EC2 instances. Once enabled, the feature will start  collecting IP traffic data to and from your vpc subnets, data that can be useful to detect and troubleshoot security issues such as restricted security group rule. Analyzing VPC Flow logs Data-

  If you are managing hundreds of EC2 Linux servers where you need to take ssh frequently so this is very difficult to enter machines login ssh password every time. So below solution will help you to resolve this issue. Commands- login to your main server and follow the step below. 1.ssh-keygen 2. ls -a 3. id_rsa.pub (this is key which need to copy to your destination server) 4. ssh-copy-id <destination host- admin@192.168.*.*>

  Problem-   The authenticity of host 'IP X.X.X.X' can't be established. ECDSA key fingerprint is SHA256:U8lQ0PvPeWJgvTWC+MHS2Idjt4ZxcDzoW5/7kwJ60X0. ECDSA key fingerprint is MD5:2f:73:20:11:42:5e:02:8a:65:5a:f3:e1:2c:f8:ad:57. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'host IP' (ECDSA) to the list of known hosts. Permission denied (publickey,gssapi-keyex,gssapi-with-mic). Solution- Sometimes it happens we face above issue while making SSH connection between 2 servers or hosts. Step 1- Make sure ssh server is running  Step 2- Make some configuration changes in SSHD_Config file accordingly. Goto- vi /etc/ssh/sshd_config here we need to make 3 changes 1.Uncommet line- PasswordAuthentication yes 2. Commet Line - #PasswordAuthentication no (This will be line number three) 3. Uncommet- PermitRootLogin yes Step 3- Restart service to apply these changes service sshd restart

  Error- Something went wrong (Error while login into MS Team account) Solutions- Login into Azure admin portal-Select users-select affected user and go to devices-Selected disabled device and click on top to enable it.

 First you need to check current status of the firewall. - sudo ufw status if it is showing inactive or not loaded then it's turned off, OR If it is showing running /active then need to hit below commands. - sudo ufw stop If you don't want to disable and you want to keep it ON then you can add firewall rule with required port number. Example- sudo ufw enable -sudo ufw allow 22 (Here 22 is port for SSH) in same way you can deny this port - sudo ufw deny 22