GoPhish
-
I finally got a chance to setup GoPhish. I sent out a test phishing email out to our IT department and I must say it works pretty well. Social Engineering is really easy with GoPhish. You can clone any website automatically including OWA with a fake link that our employees should catch.
You can also easily clone legit emails and legit users. I want to test some CEO fraud since that is the latest popular scam. Oh I was also able to pull a csv from Active Directoy and import the entire organization.
-
This is on my list of things to test out... on my family... using the Nigerian prince scam... after I warn them, of course... maybe.
-
-
Nice, is GoPhish free?
-
-
Another cool thing is that it does not capture passwords by default. You only get their username. If you want to capture passwords you can, but they will be in plain text..
-
@scottalanmiller said in GoPhish:
Nice, is GoPhish free?
Yes 100% and it stays on your local network.
-
Very cool, looks like a good tool.