Git/mgeeky-Penetration-Testing-Tools
1
0
Fork 0
mirror of https://github.com/mgeeky/Penetration-Testing-Tools.git synced 2025-04-05 09:14:06 +02:00
Code Issues Packages Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
mgeeky 2021-10-17 15:38:53 +02:00
parent c88caed053
commit dc8a2638f9
1 changed files with 17 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
phishing/README.md
View File

@ -123,13 +123,15 @@ HEADER:
X-Forefront-Antispam-Report X-Forefront-Antispam-Report
VALUE: VALUE:
CIP:209.85.221.51;CTRY:US;LANG:de;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:mail-wr1-f51.google.com;PTR:mail-wr1 CIP:209.85.167.100;CTRY:US;LANG:de;SCL:5;SRV:;IPV:NLI;SFV:SPM;H:mail-lf1-f100.google.com;PTR:mail-l
-f51.google.com;CAT:SPM;SFS:(4636009)(6916009)(1096003)(6666004)(4744005)(19625305002)(58800400 f1-f100.google.com;CAT:DIMP;SFTY:9.19;SFS:(4636009)(956004)(166002)(6916009)(356005)(336012)(19
005)(166002)(336012)(356005)(55446002)(5660300002)(956004)(121216002)(7596003)(7636003)(9686003 625305002)(22186003)(5660300002)(4744005)(6666004)(35100500006)(82960400001)(26005)(7596003)(7636003)(554460
)(86362001)(224303003)(26005)(35100500006)(43540500002);DIR:INB; 02)(224303003)(1096003)(58800400005)(86362001)(9686003)(43540500002);DIR:INB;SFTY:9.19;
ANALYSIS: ANALYSIS:
- CIP: Connecting IP address: 209.85.221.51 - Microsoft Office365/Exchange ForeFront Anti-Spam report
- CIP: Connecting IP address: 209.85.167.100
- CTRY: The source country as determined by the connecting IP address - CTRY: The source country as determined by the connecting IP address
- US - US
@ -144,27 +146,30 @@ ANALYSIS:
- SPM: The message was marked as spam by spam filtering. - SPM: The message was marked as spam by spam filtering.
- H: The HELO or EHLO string of the connecting email server. - H: The HELO or EHLO string of the connecting email server.
- mail-wr1-f51.google.com - mail-lf1-f100.google.com
- PTR: Reverse DNS of the Connecting IP peer's address - PTR: Reverse DNS of the Connecting IP peer's address
- mail-wr1-f51.google.com - mail-lf1-f100.google.com
- CAT: The category of protection policy - CAT: The category of protection policy
- SPM: Spam - DIMP: Domain Impersonation
- SFTY: The message was identified as phishing
- 9.19: Domain impersonation. The sending domain is attempting to impersonate a protected domain
- DIR: Direction of email verification - DIR: Direction of email verification
- INB: Inbound email verification - INB: Inbound email verification
- Message matched 23 Anti-Spam rules: - Message matched 24 Anti-Spam rules (SFS):
- (1096003) - (1096003)
- (121216002)
- (166002) - (166002)
- (19625305002) - (19625305002)
- (22186003)
- (224303003) - (224303003)
- (26005) - (26005)
- (336012) - (336012)
- (35100500006) - (SPAM) Message contained embedded image.
- (356005) - (356005)
- (35100500006) - (SPAM) Message contained embedded image.
- (43540500002) - (43540500002)
- (4636009) - (4636009)
- (4744005) - (4744005)
@ -175,6 +180,7 @@ ANALYSIS:
- (6916009) - (6916009)
- (7596003) - (7596003)
- (7636003) - (7636003)
- (82960400001)
- (86362001) - (86362001)
- (956004) - (956004)
- (9686003) - (9686003)