Course Overview

Practical Phishing Assessments teaches everything you need to know about setting up a professional phishing campaign to bypass multi-factor authentication, spam filters, and capture credentials! This course was created for those wanting to learn how a phishing campaign is conducted in real life penetration test engagements.

The course is short, sweet, and packed full of hands on content, including 100% practical information gained from conducting real world phishing engagements with 0% fluff. 


  • An Amazon Web Services (AWS) account with a valid credit card
  • A computing environment (Windows, Linux, Mac) with at least 4GB of RAM and 20GB of disk space
  • Knowledge of Linux OS navigation helpful (or a willingness to learn!)

What will I learn?

The following concepts will be taught in this course:

  • How to setup phishing infrastructure
  • How to launch your campaign
  • How to bypass MFA
  • How to evade spam filters
  • Credential capturing
  • Post engagement activities such as reporting.
  • Considerations for blue team
  • Advice from real phishing engagements

Course Curriculum - 1.5 Hours

Available in days
days after you enroll
Available in days
days after you enroll
  Infrastructure Setup
Available in days
days after you enroll
  Launching Your Campaign
Available in days
days after you enroll
Available in days
days after you enroll
  Blue Team Considerations
Available in days
days after you enroll

This course is closed for enrollment.

About the Instructor

Graham is a penetration tester with demonstrated experience in network, web application, and cloud penetration tests. He has conducted phishing engagements for clients and developed a methodology for capturing credentials, bypassing two factor authentication, and communicating the risk of phishing to clients. Graham has been blogging about various penetration testing topics on this website for over a year and has created a discord community to help those breaking into the field.

Graham holds certifications such as eCPPT, eJPT, Security+, A+, Network+, Linux+, and Project+. He also has a Bachelors of Science in CyberSecurity From University Of North Georgia.

Follow Graham on Social Media:

LinkedIn -

Twitter -

Youtube -

Frequently Asked Questions

Can I get a refund if I'm unhappy with my purchase?

Yes. All courses come with a 30-day money-back guarantee.

Will I receive a certificate of completion when I finish a course?

Yes. All courses come with a certificate of completion.

Do the courses count as Continuing Education Units (CEUs)?

Yes. Every certificate of completion comes with the total CEUs earned listed on the certificate.

Do course purchases come with lifetime access?

Yes. You only pay once for our courses!

Can I migrate Udemy courses?

Unfortunately, we cannot migrate users from Udemy to the Academy. Udemy does not provide us with student enrollment information. The Udemy courses do receive quality of life updates and are still supported by our team. We apologize for any inconvenience.

What's the difference between purchasing a course and the All-Access Pass?

When a student purchases a course, either individually or with a bundle, they receive lifetime access to the course and its materials. When a student purchases the All-Access pass subscription, they receive access to all of our courses and content, but the access is removed once the monthly subscription ends.