Spear Phish Simulator

An ethical simulation of a targeted spear phishing attack, designed to explore adversarial reasoning in cybersecurity.

View GitHub Repository

Relevant Skills:

  • Cybersecurity
  • Python
  • LLM Prompt Engineering
  • Chain of Thought
  • Secure Coding
  • Adversarial Thinking
  • Ethical Hacking

Project Overview

Spear Phish Simulator is an educational project designed to emulate the process of crafting a highly targeted spear phishing attempt. The project was developed as part of a cybersecurity assignment in my Data Driven Security and Privacy course, with the purpose of understanding how adversaries exploit trust, tone, and context to appear credible.

Ethical Disclosure:

This project does not send real phishing emails or engage in unauthorized data collection. Instead, it uses AI reasoning tools to demonstrate the logic behind adversarial communication, offering insight into how to better defend against it.

Key Features:

  • Chain-of-Thought Prompting: Uses structured prompts to walk through how an attacker might analyze and craft a spear phishing email.
  • LLM Simulation: Leverages large language models to simulate adversarial reasoning in a step-by-step manner.
  • Security Introspection: Includes code vulnerability analysis and rewrite recommendations based on model feedback.
  • Adversarial Email Crafting: Explores how attackers choose tone, content, and targets to optimize for deception—without ever executing a real attack.

Technologies Used:

  • Python
  • Gemini API (Generative Language Models)
  • Base64 image encoding
  • Secure coding practices
  • Prompt engineering

This project serves as a thought experiment and learning opportunity for anyone studying cybersecurity defense, adversarial machine learning, or social engineering mitigation strategies.