Ghost Scout: LLM Assisted Personalized Phishing

Overview

This application allows red teamers to:

• Discover target company domains and related domains
• Collect information about email formats and DNS records
• Find potential contacts/employees at target companies
• Scrape sources to enrich contact profiles
• Generate profiles for discovered employees using AI
• Create personalized outreach messages (pretexts) for sales communication

Key Features

• Domain Discovery: Add target domains and find related ones through autodiscover techniques
• Email Format Detection: Identify company email patterns
• Contact Discovery: Find potential contacts using Hunter.io API
• Source Scraping: Scrape discovered sources for more information
• Profile Generation: Generate detailed profiles using AI
• Pretext Generation: Create personalized sales outreach messages with AI
• Real-time Updates: Get live feedback as reconnaissance and processing happens

Database Schema

The application uses the following tables:

• Domain: Stores target company domains with DNS records
• SourceDomain: Tracks domains where source data is found
• Target: Stores information about target individuals (prospects)
• SourceData: Contains information about URLs where target data was found
• TargetSourceMap: Maps the many-to-many relationship between targets and sources
• Prompt: Stores LLM prompts for pretext generation
• Pretext: Stores generated sales outreach messages

Install & Use