Be THE ONE who can defend any organization from hacker’s attacks

Join the new “Social Engineering & Phishing Mastery” course 

to be one step ahead of the cybercriminals 




With all the cybersecurity systems we have developed, we still aren’t immune enough from one of the biggest cybersecurity threats.

Users are easier to hack than computers and only one human mistake can ruin even the most advanced cybersecurity system.

That’s why we created the course “Social Engineering & Phishing Mastery” which uncovers tactics and techniques known as social engineering.

You’ll learn how attackers gather information on their targets and what information available online is useful for them. You’ll find out how to secure Red Team infrastructure, prepare an efficient payload, and bypass security solutions.

All of that working with publicly available tools deployed by scammers every day.

Outthinking attackers is just one part of this course.

You’ll also cover best practices for reporting and discover how to use what you’ve learned on this course to protect the cybersecurity infrastructure of your company or organization.

By the end of this course, you will be able to:

Understand how hackers gather personal data

Explain how tools including Deepsea and Evilginx2 are deployed

Prepare an efficient payload

Demonstrate how security solutions are bypassed

6 Reasons To Join The Course


A skills shortage is impacting the security industry with 70% of cybersecurity professionals claiming that their organization is affected. Those who possess cybersecurity skills can therefore expect long-term job security and a highly competitive remuneration package.


With long-term remote work now a reality for many companies because of the global health pandemic, cyber-threats are a growing concern. Just over half (53%) of cybersecurity professionals saw phishing attacks increase during the pandemic, with 30% reporting that this type of attack was more successful since the outbreak of Covid-19. 


All it takes is one click to fall for a phishing scam. 1 in 2 users reads phishing emails and 1 in 3 opens the malicious attachment or clicks on the malicious link. The high volume and growing sophistication of this threat mean prevention and mitigation services will always be in demand.


Facebook and Google together were scammed out of more than $100M via a fake invoice scam run by a Lithuanian hacker impersonating a vendor based in Asia. Austrian aerospace part marketer FACC lost $61M after a hacker posing as the company’s CEO sent a phishing email requesting a funds transfer to an entry-level accounting employee.


These types of scams can appear in more places than just your inbox. Social engineering attacks can be carried out via social media and instant messaging apps, through SMS text messages, web ads, website and voicemail. 


Fall victim to a social engineering or phishing attack and your most sensitive data could be exposed. Attackers may gain access to your personal or corporate email address and password, your credit card details or online banking credentials, or even personal data such as your date of birth, address and social security number.


Course Syllabus



We’ll start off with digging into the first phase, during which the attacker gathers information on the target before the actual attack starts. The data gathering is an essential skill of every red teamer. In this module, you will learn what Open Source Intelligence (OSINT) is and you’ll also find out more about the public tolls. Our Expert will show how to extract valuable information using Git. We’ll also cover google hacking, and social media presence.

  1. Preparing phishing campaigns
  2. Open Source Intelligence (OSINT)
  3. Google hacking and search engines
  4. Targeted phishing and social media


Infrastructure preparation

In this module, you will learn how to prepare reusable Red Team infrastructure. More precisely? You will find out not only what command and control are,  but we’ll also uncover the unusual approach to it. Moreover, you will discover how to secure Red Team infrastructure. We’ll also be reviewing the Publicly available tools such as Deepsea and Evilginx2.

  1. Command and Control (C2)
  2. Stealth Communication
  3. Setting up DNS and certificates
  4. Credential harvesting with Evilginx2
  5. Automating mass-mailing
  6. Securing your Red Team infrastructure


Payload preparation

In this module, you will find out how to successfully prepare efficient payload. You’ll discover how to live off the and binaries – the magic of LOLBINS. We will also dig deep into the multi-stage malware, smartphones and fileless malware. Finally, you will learn how to utilize malicious hardware tools.

  1. Malicious VBA macros
  2. Malicious XLM macros
  3. Living off the Land Binaries and Scripts
  4. Multi-stage malware
  5. Persistency techniques and attacks on supply chain
  6. Fileless malware
  7. Utilizing malicious hardware tools


 Lessons learned and reporting

The last module will guide you through what to do after a successful campaign. You will learn good practices for the reporting and consolidate the knowledge gained during the course to deliver security awareness training. Last but not least we will cover Gamification.

  1. Measuring campaign results
  2. Planning Security Awareness Training
  3. Protecting your organization

Click here to browse the modules:

Which experts will I learn from?

Paula Januszkiewicz

Founder and CEO of CQURE

Paula is a Microsoft Security Trusted Advisor, IT Security Auditor and Penetration Tester. On top of that, she’s an Enterprise Security MVP and trainer (MCT). She shares her expertise on Windows Security through online writing and speaking at conferences (she already checked off TechEd North America, TechEd Europe, TechEd Middle East, RSA, TechDays, CyberCrime — to name but a few). She proudly holds the role of the Security Architect in IDesign and manages her own company CQURE.

Michał Jankowski-Lorek

Cloud Solutions & Machine Learning Expert

Michael designs and implements solutions for Databases, Network & Management area, mainly for Microsoft platform. As for day-to-day work, he works as Solution Architect, designing and planning database related solutions and software, mainly based on Microsoft and Oracle servers. He also designs and administers IT Infrastructure based on Microsoft systems and network solution from CISCO.

Miłosz Piasecki


Miłosz Piasecki is CQURE’s prodigy Cybersecurity Specialist and aspiring team leader with his main focus being programming, networking and most of all Windows security. Miłosz is an enthusiastic, hard-working individual with an interest in social engineering, penetration testing, cryptography and virtualization-based technologies. At CQURE his is also responsible for demos design and creation, building virtual labs and developing scripts. Privately Miłosz is interested in social influence mechanisms, enjoys travelling, skiing, motorcycling and archery.

Who Is It For

Red Team Operations Specialist

Cybersecurity Engineer

IT Operations Engineer

Cybersecurity Operations Engineer

Information Security Consultant

Software Security Engineer

Security Researcher

Threat analyst

Cybersecurity Analyst

What’s it like to study with CQURE?

All of their classes are based on their real world experience with the products, not just the typical Official Curriculum style classes that teach you things for an exam, but that you will never use. You’ll find that all of the material you’ll learn in the class will be used, at some point, in your security career.

Jack Perry

Security Principal Consultant | Presidio

Totally professional, total great stuff, in-depth knowledge and a perfect Learning Atmosphere! I like it! Thanks so much for sharing your experience and knowledge!

Martin Weber

CTO | IT.innovation.4U GmbH

I have attended CQURE’s training as someone who is not a security professional, but just an enthusiast, and I feel like I learned a A LOT. The whole training was loaded with information and nice demos of the latest technologies. On top of that — having an opportunity to ask and talk to professionals was priceless.

Marek Chmel

SQL Server DBA | AT&T

Let me start by saying Paula is amazing!! The passion for the topic really shows. As an engineer with 16 years of experience, I am impressed. Thank you for the education, and entertainment.

Dave Kordyban

Network Engineer | Garrett County Government

As it also happened before, Paula Januszkiewicz knows how to blow your mind. As great athletes make their discipline look easy when you watch them perform, so Paula makes Windows purr like a little kitten. Even though I am fully aware of how much I still don’t know, after a course such as this Windows is not mysterious anymore. This is a great feeling.

Doru-Catalin Togea

Information Security Advisor | Norwegian Police

I’ve recently attended a training held by CQURE. It was PACKED with knowledge and tools. Of course not everything was discussed in details (lack of time) but CQURE team delivered a great value within just a few hours. I was a student not so long ago and I wish that our universities were teaching as efficiently as CQURE does.

Kamil Więcek

IT Expert | ING Bank Śląski

We have learned a lot about IIS, hacking and much much more. Our motivation has increased during this course and of course great interest in your work Paula. Impressed with your enthusiastic energic way of presenting.

Styrk Finne

Senior Professional System Engineer | CSC Norway

“Social Engineering & Phishing Mastery”


  • You’ll participate in online training program divided into 4 modules (8 hours of content)
  • Master practical skills that cover: Data Reconnaissance, Infrastructure Preparation, Payload Preparation, Best Practices and Reporting;
  • Access cutting edge tools and privileged industry knowledge from industry experts who spend 60% of their time consulting on security for clients around the world;
  • Comes with the option to earn official CQURE certification by passing an exam at the end of the course;
  • Access all course video recordings and extra learning materials for a full 12 months from the day the course starts;
  • Thrive on an exciting course that builds your cybersecurity knowledge and confidence through challenges delivered via a video lesson, assessment, and supporting tools and exercises;
The Course With Certificatation
  • Prerecorded 9 hours video content
  • Includes 4 modules
  • Fresh content from real case scenarios
  • Created by TOP industry experts
  • 12 months access
  • Official CQURE certificate

The Course Without Certification
  • Prerecorded 9 hours video content
  • Includes 4 modules
  • Fresh content from real case scenarios
  • Created by TOP industry experts
  • 12 months access


PLEASE NOTE: Certification is available only with a package with the certificate. After you complete a course, you will be offered to pass an exam and with a successful result, you will get a certificate. You will have as many attempts as you want to pass the exam.

Frequently Asked Questions