Branding
Platforms which allow arbitrary images to be included in sent emails, or a company name in a manner distinct from arbitrary text insertion (i.e., prominent styling or location in email).
Living Off Trusted Email
A quick-reference page detailing options for leveraging trusted platforms' email features to deliver your phishing emails for you during your next social engineering campaign.
Taxonomy
An overview of general tag definitions is included below. Each LOTE entry can be expanded for further details related to how each tag pertains to the platform in question.
Language
Platforms which allow arbitrary text to be included in sent emails. If the arbitrary text can include certain HTML elements, then additional LOTE tags may apply for that platform as well.
Payload
Platforms which either allow arbitrary attachments to sent emails, or whose emails are designed to link directly to a file or folder of files hosted on the platform.
Sender
Platforms which allow users to customize the display name used in the source address for the sent email, or which sends from a generic address which masks the real sender identity.
URL
Platforms which allow arbitrary URLs to be included in sent emails in a manner distinct from arbitrary text insertion (e.g., anchor tag, button, meeting location, ICS file contents, etc.).
Directory
Search LOTE entry text, or click a tag to filter the list. Expand any entry to inspect its tag-specific details and any additional opsec notes related to its use for phishing campaigns.