Ghost Scout: LLM Assisted Personalized Phishing
Ghost Scout is an LLM assisted OSINT and phishing email generation tool that performs reconnaissance on target companies, finds their employees, and builds profiles for personalized emails based on public sources.
Overview
This application allows red teamers to:
- Discover target company domains and related domains
- Collect information about email formats and DNS records
- Find potential contacts/employees at target companies
- Scrape sources to enrich contact profiles
- Generate profiles for discovered employees using AI
- Create personalized outreach messages (pretexts) for sales communication
Key Features
- Domain Discovery: Add target domains and find related ones through autodiscover techniques
- Email Format Detection: Identify company email patterns
- Contact Discovery: Find potential contacts using Hunter.io API
- Source Scraping: Scrape discovered sources for more information
- Profile Generation: Generate detailed profiles using AI
- Pretext Generation: Create personalized sales outreach messages with AI
- Real-time Updates: Get live feedback as reconnaissance and processing happens
Database Schema
The application uses the following tables:
- Domain: Stores target company domains with DNS records
- SourceDomain: Tracks domains where source data is found
- Target: Stores information about target individuals (prospects)
- SourceData: Contains information about URLs where target data was found
- TargetSourceMap: Maps the many-to-many relationship between targets and sources
- Prompt: Stores LLM prompts for pretext generation
- Pretext: Stores generated sales outreach messages
Install & Use
Support Our Threat Intelligence
If you find our technology report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
USDT (TRC20):
TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm
USDT (ERC20):
0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce
