gophish

Start Gophish server

$ ./gophish

$ ./gophish -config [config.json]

$ https://localhost:3333

gophish [options]

Gophish is an open-source phishing framework for security awareness training and penetration testing. It provides a web interface for creating and managing phishing campaigns, including email template editing, landing page cloning, and results tracking.
The platform is used by security teams to test organizational awareness and response to phishing attacks, with campaign management, user group handling, and API support for automation.

-config file

Configuration file path.

config.json

Main configuration file specifying admin server address, phishing server address, database path, and TLS settings.

For authorized security testing only. Requires proper authorization before use. Email sending needs configured SMTP. May be flagged by security software. Store credentials securely.

Gophish was created by Jordan Wright in 2015 as an open-source alternative to commercial phishing simulation platforms. It's widely used in security awareness training and penetration testing.

setoolkit(1), king-phisher(1)