aeondave/gophish
offensive-tools/social-engineering/gophish/SKILL.md
Open-source phishing campaign framework with web UI for creating credential harvesting campaigns, tracking click-through rates, and managing targets. Use when asked to set up a phishing campaign, create credential harvesting pages, send spear-phishing emails, or generate phishing infrastructure.
$ install --global
skillsauthnpx skillsauth add aeondave/malskill gophishInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Mar 31, 2026, 9:33 PM56.0s1 file scanned
SKILL.md
- name:
- gophish
- description:
- Open-source phishing campaign framework with web UI for creating credential harvesting campaigns, tracking click-through rates, and managing targets. Use when asked to set up a phishing campaign, create credential harvesting pages, send spear-phishing emails, or generate phishing infrastructure.
- license:
- MIT
- compatibility:
- Linux, Windows, macOS. Download prebuilt binary from GitHub releases. Requires inbound TCP 443/80 and SMTP relay. No OS dependencies.
- author:
- AeonDave
- version:
- 1.0
GoPhish
Full phishing campaign framework — manage targets, templates, landing pages, and capture credentials via web UI.
Quick Start
# Start GoPhish (default: admin UI on :3333, phishing on :80)
./gophish
# Custom config
./gophish --config config.json
# Access admin UI
# https://127.0.0.1:3333 (default admin:gophish, change on first login)
Configuration (config.json)
{
"admin_server": {
"listen_url": "127.0.0.1:3333",
"use_tls": true,
"cert_path": "gophish_admin.crt",
"key_path": "gophish_admin.key"
},
"phish_server": {
"listen_url": "0.0.0.0:443",
"use_tls": true,
"cert_path": "/etc/letsencrypt/live/phish.example.com/fullchain.pem",
"key_path": "/etc/letsencrypt/live/phish.example.com/privkey.pem"
},
"db_name": "sqlite3",
"db_path": "gophish.db"
}
Campaign Workflow
- Sending Profile — configure SMTP relay (host, port, from, username, password)
- Email Template — HTML/text body with
{{.FirstName}},{{.URL}},{{.Tracker}} - Landing Page — clone target login page; enable Capture Credentials + Redirect to
- User & Group — import CSV:
First Name, Last Name, Email, Position - Campaign — link all above, set send schedule, launch
Email Template Variables
| Variable | Description |
|----------|-------------|
| {{.FirstName}} | Target first name |
| {{.LastName}} | Target last name |
| {{.Email}} | Target email |
| {{.Position}} | Target job title |
| {{.From}} | Sending address |
| {{.URL}} | Unique phishing link (auto-generated) |
| {{.Tracker}} | Open-tracking pixel |
| {{.RId}} | Unique recipient ID |
Common Workflows
# Import targets from CSV
# CSV format: First Name,Last Name,Email,Position
cat > targets.csv << 'EOF'
First Name,Last Name,Email,Position
John,Doe,[email protected],Developer
EOF
# API: list campaigns
curl -k -H "Authorization: Bearer API_KEY" https://127.0.0.1:3333/api/campaigns/
# API: get campaign results
curl -k -H "Authorization: Bearer API_KEY" https://127.0.0.1:3333/api/campaigns/1/results
SMTP Relay Options
- Sendgrid / Mailgun — free tier available
- Self-hosted Postfix — configure SPF/DKIM/DMARC for deliverability
- SMTP2GO — good deliverability, free tier
Infrastructure Tips
- Register lookalike domain (e.g.,
target-helpdesk.com) - Set up Let's Encrypt TLS on phishing server
- Add SPF, DKIM, DMARC records for sending domain
- Use email warmup for better inbox placement
Resources
| File | When to load |
|------|--------------|
| references/campaign-setup.md | Full setup guide: SMTP config, DNS records, landing page cloning, API usage |
Related Skills
aeondave/vibe-audit-technique
development
VerifiedTrustedCommunity
White-box auditing methodology for AI-generated ('vibe-coded') applications. Focuses on modern stack misconfigurations (Supabase, Next.js, Vercel).
4SKILL.mdUpdated Jun 12, 2026
aeondave/source-review-technique
development
VerifiedTrustedCommunity
Hybrid AI/Deterministic SAST methodology for discovering zero-day vulnerabilities in source code. Orchestrates structural search with AI-driven data flow and sink validation.
4SKILL.mdUpdated Jun 12, 2026
aeondave/hardware-technique
development
VerifiedTrustedCommunity
Auth assessment: hardware/embedded methodology; UART/JTAG/SWD/SPI/I2C, firmware extraction, boot/debug paths, embedded OS evidence.
4SKILL.mdUpdated Jun 12, 2026
aeondave/container-technique
devops
VerifiedTrustedCommunity
Container methodology: Identifying containerization limits, Docker/K8s misconfigurations, and executing escapes to the host node.
4SKILL.mdUpdated Jun 12, 2026