Nexus Aware — Phishing Simulation & Awareness
The weakest link in any SOC is the person who clicks. Nexus Aware runs internal phishing-simulation drills against your own staff — safely — so you can measure who clicks, who reports, and where to focus training. It ships with eight ready-to-use, Indonesian-language lures drawn from the scams your people actually see.
- Topic: Security awareness · Phishing simulation
- Templates: 8 Indonesian-language lures
- Sends via: Notification Hub email channel
- API: /aware · /aw/<token>
What it does
You build a campaign from a list of targets, Nexus renders a realistic phishing email for each one and mints a unique tracking link, the emails go out through your configured email channel, and any click is recorded against that target. At the end you score the drill — open, click and report rates, broken down per user — so awareness becomes a number you can move.
- Internal & safe — the drill targets your own staff; no real credentials are ever captured.
- Per-target tracking — every recipient gets a unique /aw/<token> link, so clicks attribute to a single person.
- Localized lures — eight Indonesian-language templates model the scams staff actually receive.
- Measurable — open, click and report rates, scored per campaign and per user.
The eight templates
Each template is a realistic, locally relevant lure. List the available templates and their ids with aware-templates.
- M-banking OTP — a fake one-time-password verification prompt.
- JNE / J&T parcel — a bogus courier delivery notice.
- HR / THR — a payroll or holiday-allowance lure.
- Microsoft 365 password reset — a spoofed reset request.
- Google password reset — a spoofed account-recovery request.
- PLN / PDAM bill — a fake utility bill notice.
- Fake meeting invite — a calendar/meeting lure.
- OVO / GoPay / DANA e-wallet — a bogus e-wallet alert.
How to use it
nexus-cli aware-templates
/aw/<token> link per target.
nexus-cli aware-new --name "Q3 drill" --template <id> --file targets.json
[
  { "name": "Budi Santoso", "email": "budi@example.com" },
  { "name": "Siti Aminah", "email": "siti@example.com" }
]
nexus-cli aware-send --id <campaign_id> --base-url https://soc.example
nexus-cli aware-score --campaign <id>
nexus-cli aware-campaigns
nexus-cli aware-del --id <id>
How tracking works
When a target clicks their link, the public GET /aw/<token> endpoint records the hit. Because the email had to be opened for the link to be clicked, a click implies an open — so the single tracking event drives both the open and click rates for that user.
GET /aw/<token> # a target clicking this records open + click
REST API
GET /aware/templates # list the built-in templates
GET /aware/campaigns # list campaigns
GET /aware/score # score a campaign (open/click/report, per user)
POST /aware/campaign # create a campaign from a target list
POST /aware/send # render + send via the email channel
POST /aware/delete # remove a campaign by id
GET /aw/<token> # public — records a target's click
How it fits the pipeline
Nexus Aware reuses the Notification Hub's email channel to deliver the rendered lures — the same SMTP channel you already configured for alerting carries the drill. Sending is therefore gated on having an email channel set up; configure one in the Notification Hub first, then run your campaign through it.
Tips
- Start with a small pilot group before drilling the whole organization.
- Pick the template that matches the scams your staff actually receive — local lures land hardest.
- Track the per-user score over repeated drills to prove awareness training is working.
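The per-target attribution and scoring model described under "How tracking works", as an added sketch that is not Nexus Aware's own code. The function names, the 128-bit token length, and passing reports in as a set of email addresses are assumptions; the sample targets are the ones from targets.json above.

```python
import secrets

# Sample targets from the targets.json example on this page.
TARGETS = [
    {"name": "Budi Santoso", "email": "budi@example.com"},
    {"name": "Siti Aminah", "email": "siti@example.com"},
]

def mint_links(targets, base_url):
    """Give every target an unguessable token; return ({token: email}, {email: link})."""
    by_token, links = {}, {}
    for t in targets:
        token = secrets.token_urlsafe(16)  # random, never derived from the address
        by_token[token] = t["email"]
        links[t["email"]] = f"{base_url.rstrip('/')}/aw/{token}"
    return by_token, links

def record_hit(by_token, hits, token):
    """What a GET /aw/<token> handler has to do: attribute the hit to one person."""
    email = by_token.get(token)
    if email is None:
        return False   # unknown or guessed token: record nothing
    hits.add(email)    # a set, so repeat clicks count once per user
    return True

def score(targets, hits, reported):
    """Per-user flags and campaign rates; one tracking event sets open and click."""
    per_user = {}
    for t in targets:
        email = t["email"]
        clicked = email in hits
        per_user[email] = {
            "opened": clicked,   # a click implies an open
            "clicked": clicked,
            "reported": email in reported,  # assumption: reports collected separately
        }
    n = len(targets) or 1
    rates = {k: sum(u[k] for u in per_user.values()) / n
             for k in ("opened", "clicked", "reported")}
    return per_user, rates

if __name__ == "__main__":
    by_token, links = mint_links(TARGETS, "https://soc.example")
    hits = set()
    record_hit(by_token, hits, links["budi@example.com"].rsplit("/", 1)[1])
    print(score(TARGETS, hits, reported={"siti@example.com"}))
```

Because the token is the only identifier in the link, the public endpoint never has to expose a name or address, and an unknown token leaves the score untouched.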