Open-Source Phishing Toolkit
 
 
 
 
 
 
Go to file
s vignesh bfb7fd11e8 Fixing XSS Vulnerabilities
This pull request fixed XSS vulnerabilities identified in the gophish admin panel.

**Important: These vulnerabilities could only be exploited if someone had access to the admin panel already, and could only exploit the vulnerability against the same account.**
2016-09-15 00:52:58 -04:00
auth Fixing XSS Vulnerabilities 2016-09-15 00:52:58 -04:00
config Added the version to the settings page. 2016-08-06 18:58:34 -05:00
context Fixing context issues with Go 1.7. 2016-09-14 22:24:51 -05:00
controllers Fixing context issues with Go 1.7. 2016-09-14 22:24:51 -05:00
db Adding the ability to schedule campaigns. Fixes #21 2016-06-07 21:42:09 -05:00
doc Adding first draft of CONTRIBUTING file and CLA. Fixes #57 2016-01-13 23:05:17 -06:00
middleware Fixing context issues with Go 1.7. 2016-09-14 22:24:51 -05:00
models Potential fix for database locking issue. Fixes #331 2016-08-02 23:28:22 -05:00
static Fixing XSS Vulnerabilities 2016-09-15 00:52:58 -04:00
templates Added the version to the settings page. 2016-08-06 18:58:34 -05:00
util Minor gofmt change 2016-02-09 22:29:13 -06:00
worker Cleaning up some email sending bugs. Fixes #329 2016-08-02 23:18:53 -05:00
.gitattributes Implement the ability to complete a campaign. Fixes #290. 2016-07-11 22:11:40 -05:00
.gitignore Working on setting up Login functionality 2014-01-06 00:09:41 -06:00
.travis.yml Fixing context issues with Go 1.7. 2016-09-14 22:24:51 -05:00
CONTRIBUTING.md Adding first draft of CONTRIBUTING file and CLA. Fixes #57 2016-01-13 23:05:17 -06:00
LICENSE Updated copyright 2015-08-05 00:23:20 -05:00
README.md Updated README.md 2016-08-06 19:06:21 -05:00
config.json Adding first round of database migrations using goose 2016-01-18 21:13:32 -06:00
gophish.go Fixing XSS Vulnerabilities 2016-09-15 00:52:58 -04:00

README.md

gophish logo

Gophish

Join the chat at https://gitter.im/gophish/gophish

Build Status GoDoc

Gophish: Open-Source Phishing Toolkit

Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute phishing engagements and security awareness training.

###Current Status Update 08/06/2016

We're working to finalize the 0.2 release with minor bug fixes and docs cleanup. We will be releasing binaries for all platforms as soon as the code is ready to go.

Get hyped!

###Install

Installation of Gophish is dead-simple - just download and extract the zip containing the release for your system, and run the binary. Gophish has binary releases for Windows, Mac, and Linux platforms.

Building From Source

If you are building from source, please note that Gophish requires Go v1.5 or above!

To build Gophish from source, simply run go get github.com/gophish/gophish and cd into the project source directory. Then, run go build. After this, you should have a binary called gophish in the current directory.

Docker

You can also use Gophish via an unofficial Docker container here.

###Setup After running the Gophish binary, open an Internet browser to http://localhost:3333 and login with the default username (admin) and password (gophish).

###Documentation

Documentation can be found on our site. Find something missing? Let us know by filing an issue!

###Issues

Find a bug? Want more features? Find something missing in the documentation? Let us know! Please don't hesitate to file an issue and we'll get right on it.

###License

Gophish - Open-Source Phishing Framework

The MIT License (MIT)

Copyright (c) 2013 - 2016 Jordan Wright

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software ("Gophish Community Edition") and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.