This talk will introduce spear phishing and how successful these attacks are in the real-world. It will then introduce a newly developed OWASP open source tool called LUNKER. This tool and research is designed to first educate and illustrate how criminals are using these attacks to gain access to real networks. And how to mitigate this risk. It is an advanced phishing framework being developed using data from over 300 successful audits in the field. The tool offers features unavailable from any other tool available publically. The talk will be a demo on how this attack works as a feature of the framework and will run in local host mode so the crowd could actually participate in this exercise if they have a wireless card.
Access will be made available to the tool so the audience so see it hands on (minus outbound attack mode). A special LiveCD with the tool would be made and given to participants attending the talk.