Python Phishing Campaign Toolkit
King Phisher facilitates running phishing-focused social engineering campaigns.
For instructions on how to install please see the INSTALL.md file. After installing, for instructions on how to get started please see the wiki.
King Phisher is released under the BSD 3-clause license, for more details see the COPYING file.
Special Thanks (QA / Beta Testing):
-
Jake Garlie - jagar
-
Ken Smith - p4tchw0rk
King-Phisher Development Team:
-
Brandan Geise - coldfusion
-
Jeff McCutchan - jamcut
-
Spencer McIntyre - zeroSteiner (@zeroSteiner)
The client configuration file is encoded in JSON and most options are configurable through the GUI interface.
The following options will be honored but are not configurable through the GUI:
- server_remote_port (Default: 80)
- mailer.max_messages_per_connection (Default: 5)
- ssh_preferred_key (Default: N/A)
The client message templates are formatted using the Jinja engine and support a number of variables. These are included here as a reference.
| Variable Name | Variable Value |
|---|---|
| uid | Unique Tracking Identifier |
| first_name | The target's first name |
| last_name | The target's last name |
| company_name | Company Name |
| email_address | The target's email address |
| tracking_dot_image_tag | The tracking image in a preformatted <img /> tag |
| url.tracking_dot | URL of an image used for message tracking |
| url.webserver | Phishing Server URL with the uid paramater |
| url.webserver_raw | Phishing Server URL without any parameters |
The uid is the most important, and must be present in links that the messages contain.