Gophish
Open-Source Phishing Framework for security professionals

Gophish is an open-source phishing simulation framework designed for security testing and awareness training. It offers one-click installation, a REST API with a Python client, and a web UI for creating and tracking phishing campaigns. Users can monitor real-time results including email opens, link clicks, and submitted credentials.
Users install a single binary, configure phishing campaigns via a web UI or REST API, send simulated phishing emails, and track real-time results including opens, clicks, and credential submissions.
security professionals and penetration testers
Background.
- Status
- launched
- Business model
- open-source
Similar projects.
Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.
Have a take on this space?
Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.