Gophish – Open Source Phishing Toolkit

Gophish is an open-source Phishing tool designed for penetration testers. It is user-friendly and easy to setup and execute phishing engagements and security awareness training.


Gophish is available on Windows, Linux and Mac. You can download this tool from its official site HERE

How-To Install

  • Download and extract the zip file Gophish binaries are provided for most platforms
  • Run the binary – Gophish is a standalone, portable binary with static assets.
  • That’s It  Gophish is now available on http://localhost:3333. Login with admin:gophish

Point-and-Click Phishing

  • Beautiful Web UI A full web UI makes creating simulated phishing campaigns easy.
  • Pixel-Perfect Phishing Create pixel-perfect emails and landing pages from scratch or by importing them directly into gophish.

Automate Phishing Campaigns

  • RESTful API – Gophish is built from the ground-up with a fully-featured JSON API.
  • Automated Training Use your favorite language or API utility to manage every aspect of your phishing training automatically.

You can also use gophish via an unofficial Docker container here. You can report any issue with gophish tool here and for documentation here.

%d bloggers like this: