LUCY

User Tools

Site Tools

Trace:
general_planing

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
general_planing [2016/05/20 20:01] – [Checklist: what you may ask your client prior to a phishing campaign] lucygeneral_planing [2016/05/20 20:08] – [Checklist: what you may ask your client prior to a phishing campaign] lucy
Line 83: Line 83:
  
 ^ Topic       ^ Details                                                  ^ Topic       ^ Details                                                 
-| SPAM Whitelist    | Is it possible to whitelist LUCY's IP on the SPAM filter and FW?|  +| SPAM Whitelist    | Is it possible to whitelist LUCY's IP on the [[avoid_spam_issues|SPAM filter]] and FW?|  
-| Recipients | How many users shall be tested? Is it possible to get a list of users including email, name and additional info (like department, location etc.)?+| Recipients | How many users shall be tested? Is it possible to get a [[add_mail_recipients|list of users]] including email, name and additional info (like department, location etc.)?
 | Recipients Allocation | Shall all recipients get the same scenario simulation or a simulation preferred, where user groups get different attack scenarios? | Recipients Allocation | Shall all recipients get the same scenario simulation or a simulation preferred, where user groups get different attack scenarios?
 | Test Mail    | What is the mail address that can be used for testing the campaign? | Test Mail    | What is the mail address that can be used for testing the campaign?
-| Distribution method  | Should the phishing simulation only be send via mail or also include SMS, USB or any other form of a portable media?|  +| Distribution method  | Should the phishing simulation only be send via mail or also include [[create_a_smishing_campaign|SMS]][[create_a_usb_campaign|USB]] or any other form of a portable media?|  
-| Scenario Type    | Should the scenario type be hyperlink only or include a landing page? Does it need a malware simulation as well? |  +| Scenario Type    | Should the scenario type be hyperlink only or include a landing page? Does it need a [[create_a_phishing_campaign_with_malware_simulations|malware simulation]] as well? |  
-| Data Extraction    | If a malware component shall be used: what should it extract (e.g. system info)? What format is desired (Word Macro vs. Executable)?|  +| Data Extraction    | If a malware component shall be used: what should it extract (e.g. system info)? What format is desired ([[create_a_phishing_campaign_with_a_word_macro|Word Macro]] vs. Executable)?|  
-| Template    | Does it need a fully customized template for the mail- and landing page or is it possible to use and adjust one of LUCY predefined templates?|  +| Template    | Does it need a [[edit_landing_page|fully customized template]] for the mail- and landing page or is it possible to use and adjust one of LUCY [[download_templates|predefined templates]]?|  
-| Domain Details    | Does it require to reserve one or multiple domains? Should the domain be similar to the clients domain name or completely different?|  +| Domain Details    | Does it require to reserve one or multiple [[domain_configuration|domains]]? Should the domain be similar to the clients domain name or completely different?|  
-| Encryption    | Should the landing page be accessed over an encrypted channel and does it require a trusted certificate?+| Encryption    | Should the landing page be accessed over an [[ssl_configuration|encrypted channel]] and does it require a trusted certificate?
 | Privacy   | Is it possible to store usernames and passwords from the attack on the system (partially, full or none)? | Privacy   | Is it possible to store usernames and passwords from the attack on the system (partially, full or none)?
-| eLearning| Should the campaign include also eLearning content? If yes: does it need to be customized? It is required that individual eLearning statistics are also logged? |  +| eLearning| Should the campaign include also [[awareness_e-learning_settings|eLearning content]]? If yes: does it need to be customized? It is required that individual eLearning statistics are also logged? |  
-| Running the campaign   | Should all mails be send simultaneously or is it better to send the mails over a longer time period? | +| Running the campaign   | Should all mails be send simultaneously or is it better to send the mails over a longer time period using the [[scheduler|scheduler]]? | 
 | Organizational    | When can the test start, until when does it have to be finished? | Organizational    | When can the test start, until when does it have to be finished?
-| View Only Access    | Does the client wish to get a view only access on LUCY to monitor the campaign statistics?|  +| View Only Access    | Does the client wish to get a [[user_management|view only access]] on LUCY to monitor the campaign statistics?|  
-| Log & Success Level| What is considered a successful attack (link click, data submit etc.)? Should LUCY also trigger opened mails?+| Log & Success Level| What is considered a [[success_actions|successful attack]] (link click, data submit etc.)? Should LUCY also trigger [[monitor_a_campaign_statistics|opened mails]]? Can advanced client side scripts ([[beef_integration|BeEF]]) be executed to gather more detailed information about the user?|  
 +| Login Restrictions | If a landing page with a login is created: is it necessary to let the user submit the password or shall LUCY redirect the user to a different page before the full password is entered? Is it necessary to implement regular expressions on the login fields in order to avoid false positives?| 
  
general_planing.txt · Last modified: 2021/04/06 15:24 by lucy