加载中
正在获取最新内容,请稍候...
GoPhish - Open-Source Phishing Toolkit
GoPhish is an open-source phishing toolkit designed for businesses and penetration testers. It provides a simple, easy-to-use platform for launching phishing campaigns, simulating real-world attacks to test security awareness and train employees.
Go
Added on 2025年6月7日12,684
Stars2,587
ForksGo
LanguageProject Introduction
Summary
GoPhish is a powerful, open-source phishing framework written in Go that makes it easy to test your organization's security awareness or simulate real-world attacks. It's designed to be scalable and extensible, suitable for both small businesses and large enterprises.
Problem Solved
Testing employee security awareness and conducting realistic penetration tests involving social engineering is often complex and resource-intensive. GoPhish simplifies this process by providing a controlled environment to simulate phishing attacks, helping organizations identify vulnerabilities and improve security posture.
Core Features
Campaign Management
Easily create and launch sophisticated phishing campaigns with customizable email templates, landing pages, and sending profiles.
Reporting and Analytics
Track campaign results in real-time, including clicks, submissions, and compromised credentials, with detailed reporting and analytics.
Target Management
Manage targets by importing lists and organizing them into groups for focused campaigns.
Tech Stack
Go
HTML
CSS
JavaScript
PostgreSQL
使用场景
GoPhish is utilized in various scenarios for improving cybersecurity defenses and assessing human vulnerability to phishing attacks.
Internal Security Awareness Training
Details
Organizations simulate phishing campaigns against their employees to assess click rates, credential submissions, and other risky behaviors, using results to tailor security training.
User Value
Provides measurable results on employee susceptibility to phishing, allowing for targeted and effective training programs.
Penetration Testing & Security Assessments
Details
Security consultants or internal red teams use GoPhish to perform social engineering tests as part of a comprehensive security assessment or penetration test for clients or internal systems.
User Value
Offers a controlled and reportable method to demonstrate the impact of successful social engineering attacks on the target environment.
Recommended Projects
You might be interested in these projects
robertdavidgrahammasscan
Explore the internet at scale. masscan is the fastest internet port scanner, capable of scanning the entire Internet in under 5 minutes.
C
245433130
glouwctl
The C Template Library (CTL) provides generic data structures and algorithms for the C programming language, enabling type-safe and reusable code similar to C++ STL but in pure C.
C
118287
future-architectvuls
An agent-less vulnerability scanner designed for comprehensive security checks across Linux, FreeBSD, containers, WordPress, programming language libraries, and network devices.
Go
115101187