◈ Path Bundle

Phishing with OSINT

Detect, analyze, and investigate phishing campaigns end-to-end, email forensics, SSL/TLS analysis, domain intelligence, malicious document triage, and threat actor attribution with professional OSINT tools.

Save 79 EUR

Lab tools you will use

urlscan.ioScannerVirusTotalScannerWHOISReconShodanReconCensysReconMaltegoOSINTPhishTankThreat intelGoPhishSimulationurlscan.ioScannerVirusTotalScannerWHOISReconShodanReconCensysReconMaltegoOSINTPhishTankThreat intelGoPhishSimulation
EvilginxProxyMXToolBoxDNSDomainToolsReconpdfidDoc analysisolevbaDoc analysisCyberChefDecodertheHarvesterReconEmailRepReputationEvilginxProxyMXToolBoxDNSDomainToolsReconpdfidDoc analysisolevbaDoc analysisCyberChefDecodertheHarvesterReconEmailRepReputation

Courses Included

◎ BEGINNER500 XPAudio:ES

Phishing with OSINT Beginner

Learn to detect, analyze, and investigate phishing campaigns, from email indicators and SSL certificate analysis to malicious document triage, attacker infrastructure tracking, and controlled simulation with GoPhish.

1 guided lab9h of content
▲ INTERMEDIATE750 XPAudio:ES

Phishing with OSINT Intermediate

Advanced phishing investigation: polymorphic kit analysis, domain forensics, email authentication bypass (SPF/DKIM/DMARC), MFA attack simulation with Evilginx, and professional threat intelligence reporting.

2 guided labs15h of content

Why Choose the Full Pack?

Get the Beginner + Intermediate courses bundled together and unlock exclusive extras.

Beginner + Intermediate courses (24h of content)
All 4 guided labs with isolated VMs
All per-module + certification exams
2 HTK certificates (Beginner + Intermediate)
Extra consolidation lab
Lifetime access + priority support
Access to the HTK community
199278
Save 79
Join Waitlist →

Your Learning Roadmap

Each phase maps to a course module. Scroll to assemble your full progression — from beginner fundamentals to intermediate mastery.

1

Phase 1

Beginner

Introduction to Phishing & OSINT Methodology

Start your phishing with osint journey with Phishing with OSINT Beginner.

  • Phishing taxonomy: email, SMS (smishing), voice (vishing), QR (quishing), pop-up, DNS pharming, watering hole
  • Anatomy of a phishing attack: phases, impersonation techniques, social engineering, and common attacker resources
  • Real-world impact: identity theft, financial fraud, reputational damage, and remediation costs
2

Phase 2

Beginner

Phishing Types, Detection & Response

  • Email phishing indicators: sender verification, domain inspection, link analysis, attachment red flags
  • Spear phishing, whaling, and CEO fraud: OSINT-driven personalization, urgency, and internal impersonation
  • DNS-based attacks: pharming, malicious redirections, and fraudulent infrastructure
3

Phase 3

Beginner

SSL/TLS Certificate Analysis for Phishing Detection

  • Certificate fundamentals: DV, OV, EV types, trust chains, and validity periods
  • Risks of self-signed certificates on fraudulent websites
  • SSL/TLS concepts: integrity, confidentiality, and Certificate Transparency (CT) logs
4

Phase 4

Beginner

Open-Source Tools & Controlled Phishing Simulation + Certification

  • Introduction to phishing simulation frameworks (authorized lab environments only)
  • Tools overview: Blackeye, SET (Social Engineering Toolkit), Zphisher, GoPhish, Evilginx, TeamsPhisher
  • Creating and importing phishing templates for awareness testing and internal assessments
5

Phase 5

Intermediate

Advanced Phishing Techniques & Kit Analysis

Advance into complex scenarios with Phishing with OSINT Intermediate.

  • Polymorphic phishing for signature-based filter evasion
  • Phishing-as-a-Service (PhaaS) ecosystem and underground kit marketplace
  • HTTPS in phishing: the false confidence of the padlock icon
6

Phase 6

Intermediate

Domain Analysis & Infrastructure Forensics

  • Domain taxonomy: gTLD, sTLD, ccTLD, TLDs most abused in phishing campaigns
  • Domain lifecycle analysis: registration, activity, expiration, and expired domain abuse
  • DNS fundamentals for phishing analysis: record types, DNS attacks, and DNSSEC mitigations
7

Phase 7

Intermediate

Email Analysis & Sender Authentication Forensics

  • Email architecture: MTA, MUA, MDA, SMTP, POP3, IMAP4, mail delivery flow
  • Authentication and anti-spoofing protocols: SPF, DKIM, DMARC, ARC, and BIMI
  • HTML URL concealment techniques used in phishing emails
8

Phase 8

Intermediate

Advanced Simulation & Campaign Report + Certification

  • Advanced lab operations with Blackeye, SET, Zphisher, GoPhish, Evilginx, and TeamsPhisher
  • Campaign simulation design: evaluating human vectors and technical controls
  • Advanced session, 2FA, and corporate messaging risks with AiTM techniques