Скачать с ютуб MailFail: Who's Spoofing your Email, and How are they Doing it? в хорошем качестве

MailFail: Who's Spoofing your Email, and How are they Doing it?

/// 🔗 Register for webcasts, summits, and workshops - https://blackhillsinfosec.zoom.us/ze/... ✉️ MailFail Extension (Firefox) and other resources https://m.ail.fail/ 🛝 Webcast Slides - https://www.blackhillsinfosec.com/wp-... 🔗 Jack's list of DKIM selectors - https://github.com/ACK-J/MailFail/blo... - 🔗 Download the extension - https://addons.mozilla.org/en-US/fire... - 🔗 github repository - https://github.com/ACK-J/MailFail/ - 🔗 Reconstruct private keys from the two prime numbers - https://gist.github.com/ACK-J/487d0de... - 🔗 Send DKIM signed emails script with a private key - https://gist.github.com/ACK-J/76585af... - 🔗 Here's a bonus that wasn't in the presentation - Python script that takes in a list of domains and checks them for DMARC misconfigurations - https://gist.github.com/ACK-J/8a189ba... - MailFail: Who's Spoofing your Email, and How are they Doing it? The Inherent flaws of email security with Jack Hyland Dear Reader, Email is a topic people either know very well or not at all. I was in the latter category before I started my research alongside a wise Nigerian prince. Now I want to spread the word with a webcast that definitely cannot be summarized by an email. At least not one which you'd actually read. I’ve found universities, government websites, and “top 100s” with misconfigurations. SMTP is inherently insecure; anyone can spoof any email address. Over the years, there have been layers of security mechanisms bolted to your inbox to reject these spoofs. Most folks don't know they exist, let alone how they work. (SPF, DMARC, ARC, DANE, MTA-STS, BIMI, SMTP TLS Reporting, DNSSEC, and DKIM) In conclusion, I’ve developed a web browser extension which will highlight what is good and what is bad in your org’s configuration, and then show you how attackers could exploit the bad. Sincerely, Abraham Lincoln ///Chapters 0:00 Introduction 0:45 Concepts 1:13 Take Aways 1:43 Email Terminology 3:03 SMTP Commands 3:50 Malicious MTA 4:27 Sending an Email 7:07 Send-MailMessage 9:39 Sender Policy Framework (SPF) 11:57 SPF Bypass 13:13 SPF 13:33 SMTP From vs Email From 18:40 Other Mail Clients 20:55 SPF Bypassed 21:12 DomianKeys Identified Mail (DKIM) 25:08 DKIM Bypass 26:02 DKIM 34:16 Cracking DKIM Keys 42:27 Domain-Based Message Authentication (DMARC) 48:04 DMARC Facts 48:58 DMARC 49:16 DMARC Policy 51:38 DMARC Reporting 53:36 MAILFAIL 1:04:38 Conclusion TL;DR 1:05:06 Reference 1:05:51 Q&A Chat with your fellow attendees in the Black Hills Infosec Discord server:   / discord   in the #🔴webcast-live-chat channel.