New phishing websites are setup every few seconds with intentions on stealing your credentials, infecting your system, or convincing you to do something via social engineering. Most of these sites are distributed and deployed through (mostly crude) automation which usually results in attackers leaving their kits behind. During this talk I will walk through what phish kits are, why they are important for proactive defense, security research, and how you can automate identifying these kits in the wild.

atomic-operator enables security professionals to test their detection and defensive capabilities against prescribed techniques defined within atomic-red-team. By utilizing a testing framework such as atomic-operator, you can identify both your defensive capabilities as well as gaps in defensive coverage.