gophish

Open-Source Phishing Toolkit

Quick Overview

Gophish is an open-source phishing toolkit designed to help organizations test their cybersecurity awareness through simulated phishing campaigns. It provides a user-friendly web interface for creating and managing phishing campaigns, as well as detailed reporting and analytics to assess the effectiveness of security awareness training.

Pros

  • Easy to set up and use, with a clean and intuitive web interface
  • Highly customizable campaigns, allowing for realistic phishing simulations
  • Detailed reporting and analytics to track campaign effectiveness
  • Active community and regular updates

Cons

  • Requires careful use to avoid legal and ethical issues
  • Limited integration with other security tools out of the box
  • May require additional setup for more advanced features
  • Can be resource-intensive for large-scale campaigns

Getting Started

To get started with Gophish:

  1. Download the latest release from the Gophish GitHub releases page.
  2. Extract the archive and navigate to the extracted folder.
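  3. Run the Gophish binary:
    ./gophish
  4. Access the admin interface at https://localhost:3333 and log in with the username admin and the password printed in the log output (releases prior to v0.10.1 use the default credentials admin/gophish).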
  5. Configure your SMTP settings, create landing pages, email templates, and groups.
  6. Launch your first campaign and monitor results through the dashboard.

Note: Ensure you have proper authorization before conducting phishing simulations in any organization.

Competitor Comparisons

The Rogue Access Point Framework

Pros of Wifiphisher

  • Specialized for wireless network attacks, offering unique features like evil twin attacks
  • Includes a web interface for creating phishing pages specific to WiFi scenarios
  • Supports automatic client disconnection to force reconnection to rogue access points

Cons of Wifiphisher

  • Limited to WiFi-based phishing scenarios, less versatile for general phishing campaigns
  • Requires specific hardware (WiFi adapter) and often root privileges to function properly
  • Less focus on email-based phishing, which is a common vector in many organizations

Code Comparison

Wifiphisher (Python):

def create_ap(self, ssid, channel, interface, ap_iface, encryption, capture_file):
    config = {
        "ssid": ssid,
        "channel": channel,
        "interface": interface,
        "ap_iface": ap_iface,
        "encryption": encryption,
        "capture_file": capture_file
    }
    return self.start_ap(config)

Gophish (Go):

func (s *Server) StartPhishingCampaign(c *models.Campaign) error {
    err := c.Launch()
    if err != nil {
        return err
    }
    s.campaigns = append(s.campaigns, c)
    return nil
}

The code snippets highlight the different focus areas of each tool. Wifiphisher deals with creating access points for WiFi-based attacks, while Gophish manages phishing campaigns more broadly, including email-based scenarios.

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

Pros of Social-Engineer Toolkit

  • More comprehensive toolkit with a wider range of social engineering attack vectors
  • Includes additional features like website cloning and mass mailer attacks
  • Supports multiple attack vectors beyond phishing, such as SMS spoofing and QR code generation

Cons of Social-Engineer Toolkit

  • Less user-friendly interface compared to Gophish's web-based GUI
  • Steeper learning curve for beginners due to its command-line interface
  • Less focused on phishing campaigns specifically, which may be overkill for some users

Code Comparison

Social-Engineer Toolkit (Python):

# Example of a simple phishing attack in SET
import setoolkit
setoolkit.set_payload("php/meterpreter_reverse_tcp")
setoolkit.set_listener("eth0", 4444)
setoolkit.start_web_server()

Gophish (Go):

// Example of creating a phishing campaign in Gophish
campaign := &models.Campaign{
    Name:    "Test Campaign",
    Template: template,
    URL:     "https://example.com",
    Groups:  []models.Group{group},
}
err := api.Campaigns.PostCampaign(campaign)

Both tools serve different purposes within the realm of social engineering and phishing. Gophish is more focused and user-friendly for phishing campaigns, while Social-Engineer Toolkit offers a broader range of attack vectors but with a steeper learning curve.

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

Pros of Responder

  • More versatile for network attacks, supporting various protocols
  • Actively maintained with frequent updates
  • Powerful for internal network penetration testing

Cons of Responder

  • Steeper learning curve compared to Gophish
  • Less focused on phishing campaigns specifically
  • May require more manual configuration

Code Comparison

Responder (Python):

def start():
    try:
        server = ThreadingUDPServer(('', 137), UDPHandler)
        t = threading.Thread(name='NBT-NS', target=server.serve_forever)
        t.setDaemon(True)
        t.start()
    except Exception:
        print(color("[!] ", 1, 1) + "Error starting NBT-NS server on port 137")

Gophish (Go):

func (s *Server) Start() {
    go s.worker()
    s.server = &http.Server{
        Addr:         s.config.ListenURL,
        Handler:      s.handler,
        ReadTimeout:  10 * time.Second,
        WriteTimeout: 10 * time.Second,
    }
    err := s.server.ListenAndServe()
    if err != nil {
        log.Fatal(err)
    }
}

Both repositories serve different purposes in the realm of security testing. Responder is more focused on network attacks and internal penetration testing, while Gophish specializes in phishing campaign simulations. The code snippets show their respective server initialization processes, with Responder using Python and Gophish using Go.

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Pros of evilginx2

  • More advanced phishing capabilities, including real-time session hijacking
  • Better suited for targeting specific individuals or organizations
  • Supports multiple phishing scenarios and customizable templates

Cons of evilginx2

  • Steeper learning curve and more complex setup process
  • Less user-friendly interface compared to Gophish
  • May require more technical expertise to operate effectively

Code Comparison

Gophish (Go):

func (s *Server) handleLanding(w http.ResponseWriter, r *http.Request) {
    ps := ctx.Get(r, "page_id").(string)
    p, err := models.GetPage(ps, s.db)
    if err != nil {
        http.NotFound(w, r)
        return
    }
    // ... (additional code)
}

evilginx2 (Go):

func (p *Phishlet) GetLureUrl(path string) (string, error) {
    if !p.isTemplate {
        return "", fmt.Errorf("phishlet '%s' is not a template", p.Name)
    }
    lure := p.cfg.GetLure(p.Name)
    if lure == nil {
        return "", fmt.Errorf("lure not found for phishlet '%s'", p.Name)
    }
    // ... (additional code)
}

Both projects are written in Go, but evilginx2 focuses on more advanced phishing techniques, while Gophish provides a simpler, more user-friendly approach to phishing campaigns. evilginx2 offers greater flexibility and customization options, but requires more technical knowledge to set up and operate effectively.

Phishing Campaign Toolkit

Pros of King-Phisher

  • More extensive reporting and analytics capabilities
  • Supports multiple simultaneous campaigns
  • Includes a server component for more advanced phishing scenarios

Cons of King-Phisher

  • Steeper learning curve and more complex setup
  • Less frequent updates and potentially less active community
  • Requires more system resources due to its comprehensive feature set

Code Comparison

King-Phisher (Python):

import king_phisher.client.application as application
import king_phisher.client.gui_utilities as gui_utilities

class KingPhisherClientApplication(application.KingPhisherClientApplication):
    def __init__(self, config_file=None):
        super(KingPhisherClientApplication, self).__init__(config_file=config_file)

Gophish (Go):

package models

import (
    "time"
    "github.com/jinzhu/gorm"
)

type Campaign struct {
    Id            int64     `json:"id"`
    UserId        int64     `json:"-"`
    Name          string    `json:"name"`
    CreatedDate   time.Time `json:"created_date"`
    CompletedDate time.Time `json:"completed_date"`
}

Both projects are open-source phishing simulation tools, but they differ in implementation and features. King-Phisher offers more advanced capabilities and a server component, while Gophish is known for its simplicity and ease of use. The code snippets show that King-Phisher is written in Python and has a more complex structure, while Gophish is written in Go and has a simpler, more straightforward approach to defining data models.

CloudMapper helps you analyze your Amazon Web Services (AWS) environments.

Pros of CloudMapper

  • Focuses on AWS cloud security and visualization
  • Provides comprehensive network mapping and security analysis
  • Supports multiple AWS accounts and regions

Cons of CloudMapper

  • Limited to AWS environments, unlike Gophish's broader phishing simulation capabilities
  • Requires more technical knowledge to set up and use effectively
  • Less frequent updates compared to Gophish

Code Comparison

CloudMapper (Python):

def parse_arguments():
    parser = argparse.ArgumentParser(description="CloudMapper")
    parser.add_argument("--config", help="Config file name", default="config.json")
    parser.add_argument("--account", help="Account to collect from")
    parser.add_argument("--profile", help="AWS profile to use")
    return parser.parse_args()

Gophish (Go):

func (s *Server) Start() {
    log.Info("Starting gophish")
    go s.Worker.Start()
    go s.processMailLog()
    go s.processCampaignEvents()
    s.Server.ListenAndServe()
}

CloudMapper is a Python-based tool for AWS security analysis, while Gophish is a Go-based phishing simulation platform. CloudMapper offers in-depth AWS-specific features, but Gophish provides a more user-friendly interface for general phishing awareness training. CloudMapper's code focuses on AWS configuration and data collection, while Gophish's code handles server operations and campaign management.

README

Gophish

Gophish: Open-Source Phishing Toolkit

Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily set up and execute phishing engagements and security awareness training.

Install

Installation of Gophish is dead-simple - just download and extract the zip containing the release for your system, and run the binary. Gophish has binary releases for Windows, Mac, and Linux platforms.

Building From Source

If you are building from source, please note that Gophish requires Go v1.10 or above!

To build Gophish from source, simply run git clone https://github.com/gophish/gophish.git and cd into the project source directory. Then, run go build. After this, you should have a binary called gophish in the current directory.

Docker

You can also use Gophish via the official Docker container here.

Setup

After running the Gophish binary, open a web browser to https://localhost:3333 and log in with the default username and password listed in the log output. For example:

time="2020-07-29T01:24:08Z" level=info msg="Please login with the username admin and the password 4304d5255378177d"

Releases of Gophish prior to v0.10.1 have a default username of admin and password of gophish.
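
Because the generated admin password is written to the log output, that line is worth masking before logs are copied to shared storage or a central collector. The following is an added example, not code from the Gophish project: the function name RedactInitialPassword is hypothetical, and the sample log is constructed around the message format quoted above (its first and third lines are made up).

```go
package main

import (
	"bufio"
	"fmt"
	"regexp"
	"strings"
)

// initialLogin matches the startup message quoted in the README and captures
// the text before the password, the password itself, and the closing quote.
var initialLogin = regexp.MustCompile(
	`(msg="Please login with the username \S+ and the password )([^"\s]+)(")`)

// RedactInitialPassword masks the generated admin password in every matching
// line of logText and reports how many lines were changed.
func RedactInitialPassword(logText string) (string, int) {
	var out []string
	hits := 0
	sc := bufio.NewScanner(strings.NewReader(logText))
	for sc.Scan() {
		line := sc.Text()
		if initialLogin.MatchString(line) {
			line = initialLogin.ReplaceAllString(line, "${1}[REDACTED]${3}")
			hits++
		}
		out = append(out, line)
	}
	return strings.Join(out, "\n"), hits
}

// sampleLog is constructed for this example: the second line uses the message
// format shown in the README, the first and third lines are made up.
const sampleLog = `time="2020-07-29T01:24:07Z" level=info msg="Starting admin server"
time="2020-07-29T01:24:08Z" level=info msg="Please login with the username admin and the password 4304d5255378177d"
time="2020-07-29T01:24:09Z" level=info msg="Background worker started"`

func main() {
	clean, n := RedactInitialPassword(sampleLog)
	fmt.Printf("redacted %d line(s)\n%s\n", n, clean)
}
```

A non-zero count on a log that has already left the host is a signal to change the admin password, since the original value has been exposed wherever that log was stored.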

Documentation

Documentation can be found on our site. Find something missing? Let us know by filing an issue!

Issues

Find a bug? Want more features? Find something missing in the documentation? Let us know! Please don't hesitate to file an issue and we'll get right on it.

License

Gophish - Open-Source Phishing Framework

The MIT License (MIT)

Copyright (c) 2013 - 2020 Jordan Wright

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software ("Gophish Community Edition") and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.