Open-Source Phishing Framework
Gophish is a powerful, open-source phishing framework that makes it easy to test your organization's exposure to phishing.
Gophish is a powerful open-source phishing toolkit that makes it easy to test an organization’s exposure to phishing. Designed for businesses and penetration testers, Gophish lets you quickly and easily set up and launch phishing campaigns, track results and set up security awareness training.
Gophish works on most platforms, including Windows, Mac OS X and Linux.
- One-click installation
- Full REST API
- Beautiful web UI
- Offers real-time results
Set Templates & Targets
Gophish makes it easy to create or import pixel-perfect phishing templates.
Our web UI includes a full HTML editor, making it easy to customize your templates right in your browser.
Launch the Campaign
Launch the campaign and phishing emails are sent in the background. You can also schedule campaigns to launch whenever you'd like.
Detailed results are delivered in near real-time. Results can be exported for use in reports.
Gophish was built from the ground-up with a JSON API that makes it easy for developers and sysadmins to automate simulated phishing campaigns.
Is Python your language of choice? If so, we have a fully-supported Python API client that makes working with the Gophish API a piece of cake!
There are many reasons to use the Gophish API. The most common use case is to gather report information for a given campaign, so that you can build custom reports in software you're most familiar with, such as Excel or Numbers.
However, automating the creation of campaigns and campaign attributes such as templates, landing pages, and more provides the ability to create a fully automated phishing simulation program. This would allow campaigns to be run throughout the year automatically. This also allows the Gophish administrator to be included in the campaigns, since they wouldn't know exactly which day it would start!