Course Overview

Practical Phishing Assessments teaches everything you need to know about setting up a professional phishing campaign to bypass multi-factor authentication, spam filters, and capture credentials! This course was created for those wanting to learn how a phishing campaign is conducted in real life penetration test engagements.

The course is short, sweet, and packed full of hands on content, including 100% practical information gained from conducting real world phishing engagements with 0% fluff. 


  • An Amazon Web Services (AWS) account with a valid credit card
  • A computing environment (Windows, Linux, Mac) with at least 4GB of RAM and 20GB of disk space
  • Knowledge of Linux OS navigation helpful (or a willingness to learn!)

What will I learn?

The following concepts will be taught in this course:

  • How to setup phishing infrastructure
  • How to launch your campaign
  • How to bypass MFA
  • How to evade spam filters
  • Credential capturing
  • Post engagement activities such as reporting.
  • Considerations for blue team
  • Advice from real phishing engagements

Course Curriculum - 1.5 Hours

Available in days
days after you enroll
Available in days
days after you enroll
  Infrastructure Setup
Available in days
days after you enroll
  Launching Your Campaign
Available in days
days after you enroll
Available in days
days after you enroll
  Blue Team Considerations
Available in days
days after you enroll

Choose a Pricing Option


Practical Phishing Assessments

About the Instructor

Graham is a penetration tester with demonstrated experience in network, web application, and cloud penetration tests. He has conducted phishing engagements for clients and developed a methodology for capturing credentials, bypassing two factor authentication, and communicating the risk of phishing to clients. Graham has been blogging about various penetration testing topics on this website for over a year and has created a discord community to help those breaking into the field.

Graham holds certifications such as eCPPT, eJPT, Security+, A+, Network+, Linux+, and Project+. He also has a Bachelors of Science in CyberSecurity From University Of North Georgia.

Follow Graham on Social Media:

LinkedIn -

Twitter -

Youtube -