- Gophish: Open-Source Phishing Toolkit
- gophish 0.4.0
- gophish 0.4.0
- Subscribe to RSS
- Go Phishing (and Reporting)
I have used most of the phishing frameworks out there and none of them ever really grabbed me. Jordan did the release so right. The platform is polished, there is documentation, and the whole package is just really slick. I liked Gophish so much I created a reporting tool for it called Goreport. It was also tough to do any development without a Gophish database, and I never seemed to have one available. That was until Gophish gained the awesome feature of generating sample databases. I am very happy to release an updated version of Goreport, v3. Gophish can be run inside a Docker container and with one short command Docker will run Gophish, forward local port to the container, and generate a demo database. This is done in two commands:. Once the container is running you will begin to see the simulated events stream by in your terminal:. Gophish generates a decent sample size of a few hundred recipients and their activities so this will take a short time to complete. Login with admin:gophish to see your new campaign summary. Mine looked like this with fake recipients:. The only report export option is a dump of event data you can download as csv files. This is actually a good thing. Reporting is where the Gophish API shines. Users can do many interesting things with the API. Goreport leverages the API to access campaign and event details, enrich that data, and then generate reports. Goreport will generate spreadsheets, document files, and statistics. Thanks to the demo database, all of the API calls can be used for testing and experimentation, which makes development much easier. Goreport accomplishes all reporting tasks using Python 3. Goreport ingests the campaign data from Gophish and then processes each event to provide event totals both overall totals and unique totals. The demo database does not simulate this but it is common for phishing campaigns to record more than one click for one recipient. The victim may visit the phishing page multiple times or forward the email to others who may then click the link. Such a change might indicate the recipient connected or disconnected a VPN or changed locations but by flagging these changes Goreport determines if timestamps and activities suggest the email was forwarded or is being analyzed. For example, if you see the recipient clicked the link from New York City and then clicked again from Boston within minutes there might be something interesting happening. The previous release of Goreport did this using a messy mix of the MaxMind database and the Google Maps API to take the coordinates Gophish stores with the events, lookup the coordinates with Google Maps, and then compare the Google Maps results with MaxMind to try to get the most up-to-date and accurate IP location. This worked but it was error prone and horrible to debug. Optionally, you can now provide an API token for ipinfo. The free tier of ipinfo. The Maps API is still included as well. It still works the same way as it did when I first used it in Goreport but now it requires a Google account, the Geolocate API enabled on that account, and an API key that will incur charges for each request. You can enable it by providing a Geolocate-enabled API key in the gophish. The Geolocate API will only be used if an ipinfo. A final Maps tweak is the data collected from the API. The API returns results with the first result being the most specific location. Goreport now returns that as the result. There is one caveat: Google Maps is very specific and will return road names and even the name of the building at the site if those details are available. This could be good or bad depending on what someone wants from the location data.
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together. If nothing happens, download GitHub Desktop and try again. If nothing happens, download Xcode and try again. If nothing happens, download the GitHub extension for Visual Studio and try again. Gophish was built from the ground-up to be API-first. This means that we build out the API endpoints for all of our features, and the UI is simply a wrapper around these endpoints. To start, simply create a client using the API key found in the Settings page. You can find the full Python client documentation here. Skip to content. Dismiss Join GitHub today GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together. Sign up. Python Branch: master. Find file. Sign in Sign up. Go back. Launching Xcode If nothing happens, download Xcode and try again. Latest commit Fetching latest commit…. To interface with Gophish using Python, we've created a gophish client library. If you want to access the API directly, please refer to our API Documentation Installation To install the gophish library, simply run the command: pip install gophish Quickstart Getting up and running with the Python library is quick and easy. You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Create pythonpublish. Feb 2, Added IMAP support. Feb 3, Initial commit. Jan 16, Jan 24, Added setup.
Subscribe to RSS
GitHub is home to over 40 million developers working together. Join them to grow your own development teams, manage permissions, and collaborate on projects. Open-Source Phishing Toolkit. A service to test mail servers for best practices. Go 14 2. Python 25 A guide explaining how to use Gophish. The documentation for the Gophish API. A script to load demo data into Gophish. The best way to send emails in Go. Scripts used to compile, package, and release new versions of Gophish. This organization has no public members. Skip to content. Sign up. Pinned repositories. Type: All Select type. All Sources Forks Archived Mirrors. Select language. All Go Python. Repositories gophish Open-Source Phishing Toolkit golang security phishing gophish. Go 4, 7 issues need help 21 Updated Mar 29,