Phishing Campaign Toolkit

King Phisher facilitates running phishing-focused social engineering campaigns.

Get the latest stable version from the GitHub Releases Page or use git to checkout the project from source.

For instructions on how to install, please see the INSTALL.md file. After installing, for instructions on how to get started please see the wiki.

King Phisher is released under the BSD 3-clause license, for more details see the LICENSE file.

Special Thanks (QA / Beta Testing):

• Jake Garlie - jagar

• Ken Smith - p4tchw0rk

• Brianna Whittaker

King Phisher Development Team:

• Brandan Geise - coldfusion (@coldfusion39)

• Jeff McCutchan - jamcut (@jamcut)

• Spencer McIntyre - zeroSteiner (@zeroSteiner)

King Phisher uses Sphinx for internal code documentation. This documentation can be generated from source with the command sphinx-build docs/source docs/build. The latest documentation is kindly hosted on ReadTheDocs at king-phisher.readthedocs.org.

The client configuration file is encoded in JSON and most options are configurable through the GUI interface.

The following options will be honored but are not configurable through the GUI:

• gui.refresh_frequency (Default: 5 minutes)
• mailer.max_messages_per_connection (Default: 5)
• rpc.serializer (Default: Automatically determined)
• ssh_preferred_key (Default: N/A)

The client message templates are formatted using the Jinja2 templating engine and support a number of variables. These are included here as a reference, check the templates wiki page for comprehensive documentation.

The uid is the most important, and must be present in links that the messages contain.