加载中
正在获取最新内容,请稍候...
GoPhish - Open-Source Phishing Toolkit
GoPhish is an open-source phishing toolkit designed for businesses and penetration testers. It provides a simple, easy-to-use platform for launching phishing campaigns, simulating real-world attacks to test security awareness and train employees.
Go
Added on 2025年6月7日12,684
Stars2,587
ForksGo
LanguageProject Introduction
Summary
GoPhish is a powerful, open-source phishing framework written in Go that makes it easy to test your organization's security awareness or simulate real-world attacks. It's designed to be scalable and extensible, suitable for both small businesses and large enterprises.
Problem Solved
Testing employee security awareness and conducting realistic penetration tests involving social engineering is often complex and resource-intensive. GoPhish simplifies this process by providing a controlled environment to simulate phishing attacks, helping organizations identify vulnerabilities and improve security posture.
Core Features
Campaign Management
Easily create and launch sophisticated phishing campaigns with customizable email templates, landing pages, and sending profiles.
Reporting and Analytics
Track campaign results in real-time, including clicks, submissions, and compromised credentials, with detailed reporting and analytics.
Target Management
Manage targets by importing lists and organizing them into groups for focused campaigns.
Tech Stack
Go
HTML
CSS
JavaScript
PostgreSQL
使用场景
GoPhish is utilized in various scenarios for improving cybersecurity defenses and assessing human vulnerability to phishing attacks.
Internal Security Awareness Training
Details
Organizations simulate phishing campaigns against their employees to assess click rates, credential submissions, and other risky behaviors, using results to tailor security training.
User Value
Provides measurable results on employee susceptibility to phishing, allowing for targeted and effective training programs.
Penetration Testing & Security Assessments
Details
Security consultants or internal red teams use GoPhish to perform social engineering tests as part of a comprehensive security assessment or penetration test for clients or internal systems.
User Value
Offers a controlled and reportable method to demonstrate the impact of successful social engineering attacks on the target environment.
Recommended Projects
You might be interested in these projects
simple-iconssimple-icons
Discover and use high-quality, free SVG icons for popular brands and companies. Perfect for web development, documentation, and presentations.
JavaScript
228002822
ArcInstitutestate
State is an advanced machine learning model designed to accurately predict cellular perturbation responses across various biological contexts. Accelerate drug discovery and biological research with state-of-the-art predictive capabilities.
Python
13920
bentomlBentoML
BentoML is an open-source framework for building, shipping, and scaling production AI applications. Easily serve ML models as APIs, create job queues, build LLM apps, and orchestrate multi-model inference pipelines.
Python
7848850