HOU.SEC.CON (Sep/2025)
Effective phishing campaigns traditionally demand extensive manual effort, involving detailed target reconnaissance, crafting believable scenarios, and setting up infrastructure. These manual processes significantly restrict scalability and customization. This talk explores a practical approach to leveraging Generative AI for automating core aspects of phishing workflows, drawing on direct experiences and real-world threat actors such as Emerald Sleet, Crimson Sandstorm, and Charcoal Typhoon.
The session thoroughly compares results from different models and platforms, including OpenAI ChatGPT, Anthropic Claude, and local alternatives, highlighting distinct strengths, weaknesses, and techniques for optimizing outcomes. Attendees will gain insights into deploying an end-to-end phishing campaign, emphasizing the models’ effectiveness in reducing the technical barrier of scaling phishing attacks. Finally, the talk underscores that while AI significantly enhances operational efficiency, it functions best when complemented by human judgment and expertise, reinforcing the critical human factor in cybersecurity practices.
HOU.SEC.CON 2025: https://web.cvent.com/event/9ba9c5ea-9502-44a2-922e-d026c047c9f3/websitePage:dd3dff4f-9597-4a4b-960e-eb732a9a3853?session=6c9e50ba-cce4-4ff0-a21b-8b59bc245729
0xc0da
yahonda
keigosuda
kworkdev
nrinetcom
sansan33
findy_eventslides
visional_engineering_and_design
y___u
ditccsugii
ornew
nasuvitz
jcasabona
caitiem20
jacobian
eileencodes
marcelosomers
tammyeverts
morganepeng
mclloyd
matthewcrist
irinanazarova
rasmusluckow
honnibal
