mercure: tool for security managers
Mercure is a tool for security managers who want to teach their colleagues about phishing.
What Mercure can do:
- Create email templates
- Create target lists
- Create landing pages
- Handle attachments
- Let you keep track in the Campaign dashboard
- Track email reads, landing page visits, and attachment execution.
- Harvest credentials
- Schedule campaigns
- Minimize link in email templates
How to use mercure
We can consider mercure is divided into 5 steps :
- Email Templates
- Landing page
Targets, Email Templates, and Campaign are the minimum required to run a basic phishing campaign.
- First, add your targets
You need to fill Mercure name, the target email. Target first and the last name is optional but can be usefull to the landing page
- Then, fill the email template.
You need to fill the Mercure name, the subject, the send and the email content. To improve the email quality, you have to fill the email content HTML and the text content. To get information about opened email, check “Add open email tracker” You can be helped with “Variables” category.
Attachments and landing page are optional, we will see it after.
- Finally, launch the campaign
You need to fill the Mercure name, select the email template and the target group. You can select the SMTP credentials, SSL using or URL minimizing
- Optional, add a landing page
You need to fill the mercure name, the domain to use You can use “Import from URL” to copy an existing website.
You have to fill the page content with text and HTML content by clicking to “Source”
- Optional, add Attachment
You need to fill the Mercure name, the file name which appears in the email and the file You also have to check if the file is buildable or not if you need to compute a file for example.
To execute the build, you need to create a zip archive which contains a build script (named ‘generator.sh’ and a buildable file
Copyright (C) 2017 treemo