Gophish

Open-Source Phishing Framework.

Overview

Gophish is a powerful, open-source phishing framework that makes it easy to test an organization's exposure to phishing. It provides a web UI that allows users to create and manage phishing campaigns, design email templates and landing pages, and view detailed results in real-time. Its simplicity and power have made it a favorite among security professionals.

✨ Key Features

Web UI for campaign management
Email and landing page template creation
Real-time campaign results tracking
Credential harvesting
RESTful API for automation
Cross-platform (Windows, Mac, Linux)

🎯 Key Differentiators

Easy-to-use web interface
Excellent documentation
REST API for automation

Unique Value: Offers a user-friendly, powerful, and free solution for conducting phishing simulations.

🎯 Use Cases (3)

Phishing simulation for security awareness Penetration testing Red team operations

            ✅ Best For
            Running internal phishing campaigns to test employee awareness
Automating phishing tests via API

        

💡 Check With Vendor

Verify these considerations match your specific requirements:

Comprehensive security awareness training with diverse content modules

🏆 Alternatives

Social-Engineer Toolkit (SET) King Phisher

Much easier to set up and manage for phishing-specific campaigns compared to the broader and more complex Social-Engineer Toolkit.

💻 Platforms

Web Desktop (self-hosted)

✅ Offline Mode Available

🔌 Integrations

API for custom integrations

💰 Pricing

Contact for pricing

Free Tier Available

Free tier: Fully open-source, no limits.

Visit Gophish Website →

Gophish

Overview

✨ Key Features

🎯 Key Differentiators

🎯 Use Cases (3)

✅ Best For

💡 Check With Vendor

🏆 Alternatives

💻 Platforms

🔌 Integrations

💰 Pricing

🔄 Similar Tools in Social Engineering Tools

KnowBe4 Security Awareness Training

Cofense PhishMe

Proofpoint Security Awareness Training

Social-Engineer Toolkit (SET)

Infosec IQ (from Fortra)

LUCY Security