Phishing¶
Stentor includes integrated phishing infrastructure for initial access operations. The platform handles the complete email campaign lifecycle -- from template design and SMTP configuration through delivery, tracking, and credential capture. Site cloning and drive-by download pages extend the phishing toolkit for credential harvesting and payload delivery.
sequenceDiagram
participant Operator
participant Backend API
participant Relay (SMTP)
participant Target Inbox
participant Target
participant Relay (Tracking)
participant Relay (Landing)
Operator->>Backend API: Create campaign + import targets
Backend API->>Relay (SMTP): Send emails via WebSocket command
Relay (SMTP)->>Target Inbox: Deliver phishing email
Target->>Relay (Tracking): Open email (tracking pixel)
Target->>Relay (Tracking): Click link (redirect to landing page)
Target->>Relay (Landing): Submit credentials
Relay (Landing)->>Backend API: Report events via WebSocket
Backend API->>Operator: Update campaign metricsIn This Section¶
- Campaign Management -- Create campaigns, configure SMTP, import targets, design emails, clone sites, track engagement metrics.