Commit Graph

189 Commits (90fed5a575628b89eaf941e1627b49e0f3693812)

Author SHA1 Message Date
Jordan Wright bb7de8df3e
Initial Implementation of a Password Policy (#1867)
This PR adds the initial work to implement a password policy as defined in #1538.

Specifically, this implements the following

* Rate limiting for the login handler
* Implementing the ability for system admins to require a user to reset their password
* Implementing a password policy that requires passwords to be a minimum of 8 characters
* Removes the default password (gophish) for admin users to instead have the password randomly generated when Gophish first starts up
* Adds a password strength meter when choosing a new password

Fixes #1538
2020-06-19 22:03:51 -05:00
Prasoon Dwivedi 40b77840f5
Add favicon (#1831)
Added favicon image and corrected the path to the favicon
2020-05-08 21:00:22 -05:00
Glenn Wilkinson 6e20f64322
Fixed text autocomplete dropping down in Chrome (#1749) 2020-02-11 21:48:48 -08:00
Glenn Wilkinson 9de32746ee Added IMAP support for checking reported emails (#1612)
Initial support of managing reporting through IMAP.

Co-Authored-By: Jordan Wright <jmwright798@gmail.com>
2020-01-18 11:58:34 -06:00
Jordan Wright 01287e0dd5 Minor cleanup on webhook feature integration
- Ran gofmt
- Rebuilt minified static files
- Updated validation payload
2019-12-15 22:07:55 -06:00
Alex Maslakov 28cd7a238e Add Webhook Support
Adds support for managing outgoing webhooks. Closes #1602
2019-12-15 20:27:21 -06:00
David Maciejak 20295bd96a Remove the Top Navigation Menu
The top navigation menu is redundant to the sidebar. We’re opting to remove it so that we are free to update the sidebar to be more complex over time.
2019-08-29 07:36:04 -05:00
Jordan Wright 84096b8724
Implement User Management API (#1473)
This implements the first pass for a user management API allowing users with the `ModifySystem` permission to create, modify, and delete users. In addition to this, any user is able to use the API to view or modify their own account information.
2019-05-31 13:58:18 -05:00
Jordan Wright 3cec2dabbf
Add Archived Campaigns View (#1367)
* Adding archived view for campaigns (#1334)

* Formatted the code, did some very minor cleanup, and rebuilt the minified JS

Closes #448
2019-02-19 21:30:18 -06:00
Jordan Wright ba8ceb81da
Initial commit of RBAC support. (#1366)
* Initial commit of RBAC support. Closes #1333
2019-02-19 20:33:50 -06:00
Jordan Wright b4ff771b3a Added autocomplete for template tags to the editor for email templates and landing pages. 2018-12-30 00:02:41 -06:00
Jordan Wright ebc099b6c2 Changed modals to avoid exiting when the user clicks outside them. Fixes #1236 2018-10-15 10:40:57 -05:00
Jordan Wright abafe3526b Moved documentation links to point to docs.getgophish.com. 2018-10-11 12:06:36 -05:00
Jordan Wright 7dcf30f277
Add Support for Timed Campaigns (#1184)
This builds on the work from @c-f in #1090 to fully add support for "timed" campaigns, in which the emails are spaced apart as opposed to all being sent at once.
2018-09-02 11:17:52 -05:00
Jordan Wright 35a8f13990 Improved group CSV parsing. Added ability to download CSV template from the group modal. 2018-06-09 13:22:11 -05:00
Jordan Wright a04f6d031b Cleaned up dashboard page when no campaigns have been launched 2018-05-26 21:37:22 -05:00
Jordan Wright e1d5c809b2
Removed redundant </div> tag. Fixes #1041 2018-04-20 20:47:29 -05:00
Jordan Wright 2131c17c33
Fixing SSRF by requiring an API key for all import endpoints. Fixes #1026 2018-03-26 21:04:22 -05:00
Jordan Wright f21536da7c
Adding "Report Email" Support (#1014)
Adds the capability to report phishing campaigns using an email client extension.

**Note: Gophish does not currently provide an email client extension out of the box. This is simply a mechanism to let existing email client add-ons send report status information to Gophish, and have that information reflected in the dashboard.**
2018-03-18 22:03:00 -05:00
Jordan Wright aa8c770e73 Adding "next" parameter to support redirecting after successful login. 2017-12-10 21:40:46 -06:00
Jordan Wright 6f81f1f2e2 Making the results map an optional setting stored in localStorage. Fixes #747
Also does more formatting fixes for various files.
2017-09-16 23:30:04 -05:00
Jordan Wright b5981f16d2 For now, removing tab on campaign results page since there's only one tab 2017-09-08 22:52:54 -05:00
Mike Nickels 779e419ab4 Changed hrefs in sidebar to be consistent with other pages (#715) 2017-08-08 14:02:01 -05:00
Jordan Wright 75600f5812 Moved all charts from Chartist to Highcharts. Closes #680. 2017-08-05 21:12:44 -05:00
Jordan Wright 80c68194a6 Updated dashboard to show full final statuses instead of just "Successful" vs "Unsuccessful". 2017-06-18 17:32:18 -05:00
Jordan Wright bddb9fdb28 Changing UI Refresh to a Longer Poll + Manual Refresh (#587)
* Added refresh button and reduced lag for large campaigns (#565)

* Amended refresh function to allow manual refreshes

Moved the function out of document.ready and tied it to the button. Also reduced automatic refresh to 60 seconds, to make it easier for medium - large campaigns to be viewed without lagging.

* Amended refresh function to allow manual refreshes

* Update campaign_results.html

* Re-building the campaign_results JS
2017-04-05 22:20:00 -05:00
Jordan Wright 66c4be3d4f Adding support for custom headers in sending profiles (#544)
Closes #215 
Closes #128
2017-02-19 18:43:08 -06:00
Jordan Wright dbadac3eca Explicitly disabled autocomplete for password fields 2017-02-10 18:38:23 -06:00
Jordan Wright ed980a0861 Moved campaign attributes to use Select2 instead of Typeahead.js 2017-01-29 17:56:38 -06:00
Jordan Wright c52981614a Updated nav link to point to the correct User Guide 2017-01-14 17:33:37 -06:00
Jordan Wright 7453fd3b48 Added summary routes for groups.
Routes:
/api/groups/summary
/api/groups/:id/summary

The UI is now using these routes for the "Users & Groups" page.
2017-01-14 17:26:04 -06:00
Jordan Wright 9dfe54ac3d Added gulpfile to minify and concat JS + CSS files for faster loading. 2017-01-08 14:35:08 -06:00
Jordan Wright e7a9fb5666 Moved user guide to github wiki 2016-11-13 20:54:27 -06:00
Jordan Wright 33df3c3868 Added the version to the settings page. 2016-08-06 18:58:34 -05:00
Jordan Wright e746a86816 Implementing new alert dialogs. 2016-07-11 23:31:11 -05:00
Jordan Wright 1dbf061d87 Implement the ability to complete a campaign. Fixes #290.
First implementation of new alert format.
2016-07-11 22:11:40 -05:00
Jordan Wright 082023aae0 Adding the ability to schedule campaigns. Fixes #21 2016-06-07 21:42:09 -05:00
Rob Cutmore a6379fc83d Clean up templates
- Updated login and register templates to use same font for logo text
  that other templates use.

- Removed commented out CSS link.
2016-04-06 07:47:09 -04:00
Jordan Wright 52b9eda3b2 Added support for redirect URL's after creds are submitted. Fixes #210 2016-03-18 20:19:13 -05:00
Jordan Wright cfba48a824 Added the ability to convert links on email import to point to the landing page. Fixes #201 2016-03-10 20:35:33 -06:00
Jordan Wright d5bf800961 Changing input type of smtp password to "password" 2016-03-10 11:20:49 -06:00
Jordan Wright 9d5f8d640f Improved page titles - Fixes #198 2016-03-09 18:17:46 -06:00
Jordan Wright d04c562d7e Updated API for release 0.1.2 2016-03-03 20:44:11 -06:00
Rob Cutmore e39ae8dfdd Confirm password on registration or change
Updated to confirm password when registering user or changing a
user's password.

Fixes #180
2016-03-02 08:33:27 -05:00
Jordan Wright 6b61b24f68 Merge branch 'master' into 78-store-smtp-settings
# Conflicts:
#	models/models_test.go
#	static/js/app/landing_pages.js
2016-02-28 22:08:39 -06:00
Jordan Wright 49e575cf56 Making the Name column a bit wider so that the "Interface" column doesn't take up all the room. 2016-02-27 20:08:38 -06:00
Jordan Wright 4810222404 Merge branch '124-capture-passwords' 2016-02-25 20:04:48 -06:00
Jordan Wright 53e5508bca Upgrading Datatables 2016-02-22 22:40:33 -06:00
William Woodson a3376a702f Working on send test email in sending_profiles page 2016-02-22 06:25:29 -06:00
William Woodson a2ee229848 More cleaning up artifacts in modals on edit/copy/new for #143 2016-02-22 05:57:03 -06:00