To find the weakest security link in your organization, you need to think like a hacker. Thanks to LUCY, you can now measure and improve awareness towards phishing, SMiShing, BadUSB, malware and drive-by attacks by launching your own realistic security campaigns. LUCY can emulate cyberattacks in your own network or in the cloud through four main modules:
Traditional Phishing/SMiShing Attack: LUCY runs different variations of attacks to measure and improve awareness of your employees. All technical aspects, i.e. sending mail/SMS, starting the embedded web server or generating statistical analysis are handled by the application. In a few clicks, entire websites can be copied. Also included is a menu of attack scenario templates (pre-defined websites and message templates).
Malware Attack: LUCY can simulate a malware attack, combining phishing with custom malware samples (which can be delivered via mail, web download or USB). You will see who, how far and what type of information can be exposed. LUCY's malware simulation is non-intrusive and doesn't interrupt your normal daily business operations.
Malware Protection Test: This feature allows users to perform security checks without involving employees outside your IT department. Determine your malware-related vulnerabilities on the network, system and application levels. Verify also your SIEM: can you actually detect malicious activities?
Training: An integrated (interactive) eLearning module provides the necessary training to improve employee awareness.
Show More All Features
LUCY features a simple web-based user interface that includes pre-defined Message, Web- and Malwaresimulation templates. LUCY can also be customized to allow users to create campaigns and templates that can be used again. The solution been designed so technical and non-technical persons can administrate the platform, and configure custom phishing, SMiShing or malware simulation attacks within minutes. Please check out our LUCY WIKI for more technical background infos.
"LUCY" can be downloaded for free, although some limitations apply in the current version. The community edition is designed to increase awareness and can run in total 5 campaigns with 20 users per campaign (max 100 users in total). If you need help in setting up your security campaign, we offer an inexpensive, remote support setup bundle. To run larger campaigns or purchase LUCY please check our price list
Here you find a few sample screenhots
"LUCY" is a easy to set up tool, with
simple reporting designed specifically to measure and improve awareness
towards phishing, SMiShing, BadUSB, malware, and drive-by attacks by launching realistic
social engineering attacks.
It comes with a simple web based user interface including pre-defined message and web templates. "LUCY" is also fully customizable, users can create campaigns and templates that can be used again. Designed so that both technical and non technical persons can administrate the platform, configuring custom phishing attacks within minutes. Easy to read, accurate reporting on user behaviour (includes link clicks, form submits etc.)
The creation of new attack scenarios can be done with just one mouse click with a website copy feature allowing the user to build a functional copy of any website automatically. "LUCY" can also create custom PE (portable executables) on the fly using the parameters from the initial configuration. Those PE can be send via mail attachment or embedded into the campaign web pages as a plain executable or a compressed archive format.
"LUCY" customizable scenarios can all be edited and offer the possibility to run phishing campaigns or malware simulations such as:
• Click-only simulations: These scenarios involve a two-step process with an email that urges the recipient to click on the embedded link.
• Data entry simulations: Send emails with a link to a customized landing page that encourages users to enter sensitive information.
• File Based simulations: create "BadUSB" simulations.
• SMiShing simulations: Send spoofed SMS with any free selectable source number & message to test the awareness regarding mobile devices
• Macro Based simulations: create Word Macro's that report back to LUCY
• BeEF Integration: Analyse how clients access the web & the mail. Determine client based vulnerabilities within the browser.
• Attachment-based simulations: Train users to recognize malicious attachments by sending emails with seemingly legitimate attachments or start web pages with customized tools that gather client data.
• Double Barrel simulations: technology that simulates conversational phishing techniques by sending two emails one at the beginning and one containing a malicious element used by APT.
• DynDNS (run "LUCY" accessible from the Internet on a private IP)
• Mail Engine (send & forward mails)
• Out of the box 40+ professional designed, fully functional web- & mail templates.
• Reporting engine (create custom report templates), export data to pdf, HTML or CVS
• Run Awarenesses Campaigns from LUCY (interactive learning, video's etc.)
• Compile custom code (portable executable) on LUCY that can be executed on the windows target clients (runs behind FW, NAT, Proxy etc.)
• Run malware tests to check for vulnerabilities on your PC's
• Test your SIEM: the advanced malware testing toolkit enables you to simulate all known malware activities (Spyware, Worm, Scanners, Backdoors, Keyloggers, Virus, Ransomware, Bot, Dropper etc.)
• Ability to schedule campaigns
• Ability to run fully anonymous campaigns for privacy reasons.
• Statistic engine (graphical analysis of each phishing campaign)
• Create SSL secured scenarios (with custom certificate or import official certificate via web gui)
• Easy linux configuration script for first use (Vmware Setup script helps you automatically configure LUCY in less than 5 minutes)
• interactive help that guides you through phishing campaigns
• Automatic software updates
• Website Copy feature: copy existing web pages and integrate them in your campaign
• Benchmark Analysis helps you compare different campaigns
• Professional web based scenario editor (editing landing pages or mails)
• Built in SPAM Checker to verify your mail settings
• Built in PERFORMANCE test to verify your hardware settings for your campaign
• Built in Domain API to reserve and map domains within LUCY
• Login filters (enable filters to check for complex passwords or custom domains required within the login)
• Real time access to graphical analysis of the phishing campaign
• Multi user enabled, web based GUI to configure and run phishing campaign against one or ten thousands of users simultaneously
• Customised GUI: upload your own logo and copyright for the admin based access
Other Features include:
•DynDNS (run "LUCY" accessible from the Internet on a private IP)
•Mail Engine (send & forward mails)
•Out of the box 20+ professional designed, fully functional web- & mail templates
•Reporting engine (create custom report templates), export data to pdf, HTML or CVS
•Run Awarenesses Campaigns from LUCY
•Compile custom code (portable executable) on LUCY that can be executed on the windows target clients (runs behind FW, NAT, Proxy etc.)
•Statistic engine (graphical analysis of each phishing campaign)
•Create SSL secured scenarios (with custom certificate or import official certificate via web gui)
•Easy linux configuration script for first use (Vmware Setup script helps you automatically configure LUCY in less than 5 minutes)
•interactive help that guides you through 1st phishing campaign
•Automatic software updates
•Website Copy feature: copy existing webpages and integrate them in your campaign
•Benchmark Analysis helps you compare different campaigns
•Professional web based scenario editor (editing landing pages or mails)
•Login filters (enable filters to check for complex passwords or custom domains required within the login)
•Real time access to graphical analysis of the phishing campaign
•Multi user enabled, web based gui to configure and run phishing campaign against one or ten thousands of users simultaneously
LUCY GMBH SWITZERLAND
Please use one of the links below to get in contact
Please download the latest stable release of LUCY here.
Please contact Oliver under email@example.com for support, inquires and feedback.
Lucy Phishing GmbH
+41 79 6959510