Kali Linux

goCabrito : Super Organized And Flexible Script For Sending Phishing Campaigns

goCabrito is a super organized and flexible script for sending phishing campaigns.

Features

  • Sends to a single email
  • Sends to lists of emails (text)
  • Sends to lists emails with first, last name (csv)
  • Supports attachments
  • Splits emails in groups
  • Delays sending emails between each group
  • Support Tags to be placed and replaced in the message’s body
    • Add {{name}} tag into the HTML message to be replaced with name (used with –to CSV).
    • Add {{track-click}} tag to URL in the HTML message.
    • Add {{track-open}} tag into the HTML message.
    • Add {{num}} tag to be replaced with a random phone number.
  • Supports individual profiles for different campaigns to avoid mistakes and confusion.
  • Supports creating database for sent emails, each email with its unique hash (useful with getCabrito)
  • Supports dry test, to run the script against your profile without sending the email to test your campaign before the launch.

Prerequisites

Install gems’ dependencies

sudo apt-get install build-essential libsqlite3-dev

Install gems

gem install mail sqlite3

Usage

goCabrito.rb — A simple yet flexible email sender.
Help menu:
-s, –server HOST:PORT SMTP server and its port.
e.g. smtp.office365.com:587
-u, –user USER Username to authenticate.
e.g. user@domain.com
-p, –pass PASS Password to authenticate
-f, –from EMAIL Sender’s email (mostly the same as sender email)
e.g. user@domain.com
-t, –to EMAIL|LIST|CSV The receiver’s email or a file list of receivers.
e.g. user@domain.com or targets.lst or targets.csv
The csv expected to be in fname,lname,email format without header.
-c, –copy EMAIL|LIST|CSV The CC’ed receiver’s email or a file list of receivers.
-b, –bcopy EMAIL|LIST|CSV The BCC’ed receiver’s email or a file list of receivers.
-B, –body MSG|FILE The mail’s body string or a file contains the body (not attachements.)
For click and message opening and other trackings:
Add {{track-click}} tag to URL in the HTML message.
eg: http://phisher.com/file.exe/{{track-click}}
Add {{track-open}} tag into the HTML message.
eg:Hi{{track-open}}
Add {{name}} tag into the HTML message to be replaced with name (used with –to CSV).
eg:Dear {{name}},
Add {{num}} tag to be replaced with a random phone number.
-a, –attachments FILE1,FILE2 One or more files to be attached seperated by comma.
-S, –subject TITLE The mail subject/title.
–no-ssl Do NOT use SSL connect when connect to the server (default: false).
-g, –groups NUM Number of receivers to send mail to at once. (default all in one group)
-d, –delay NUM The delay, in seconds, to wait after sending each group.
-P, –profile FILE A json file contains all the the above settings in a file
-D, –db FILE Create a sqlite database file (contains emails & its tracking hashes) to be imported by ‘getCabrito’ server.
–dry Dry test, no actual email sending.
-h, –help Show this message.
Usage:
goCabrito.rb
Examples:
$goCabrito.rb -s smtp.office365.com:587 -u user1@domain.com -p P@ssword1 \
-f user1@domain.com -t targets1.csv -c targets2.lst -b targets3.lst \
-B msg.html -S “This’s title” -a file1.docx,file2.xlsx -g 3 -d 10
$goCabrito.rb –profile prf.json

How you really use it?

  • I create directory for each customer
  • Under the customer’s directory, I create a directory for each campaign. This sub directory contains
  • The profile
  • The To, CC & BCC lists in CSV format
  • The message body in HTML format
  • I configure the profile and prepare my HTML
  • Execute the campaign profile in dry mode first (check the profile file dry value)

ruby goCabrito.rb -P CUSTOMER/3/camp3.json –dry

  • I remove the --dry switch and make sure the dry value is false in the config file
  • Send to a test email
  • Send to the real lists
R K

Recent Posts

Kali Linux 2024.4 Released, What’s New?

Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…

10 hours ago

Lifetime-Amsi-EtwPatch : Disabling PowerShell’s AMSI And ETW Protections

This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…

10 hours ago

GPOHunter – Active Directory Group Policy Security Analyzer

GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…

2 days ago

2024 MITRE ATT&CK Evaluation Results – Cynet Became a Leader With 100% Detection & Protection

Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…

5 days ago

SecHub : Streamlining Security Across Software Development Lifecycles

The free and open-source security platform SecHub, provides a central API to test software with…

1 week ago

Hawker : The Comprehensive OSINT Toolkit For Cybersecurity Professionals

Don't worry if there are any bugs in the tool, we will try to fix…

1 week ago