Skip to content
Lure - User Recon Automation for GoPhish
Branch: master
Clone or download
Latest commit 78aabaa Aug 5, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
screenshots Update Jul 29, 2019
.gitignore Create .gitignore Jul 29, 2019 Update Jul 29, 2019 Update Aug 5, 2019
requirements.txt Initial Commit Jul 26, 2019


Lure - User Recon Automation for GoPhish

What is Lure?

Lure assists in phishing target collection by pulling and parsing email addresses for a target organization. The results are normalized into a format recognized by GoPhish, and then uploaded to the server.

What sources does Lure search?

Lure currently searches the following sources:

  • theHarvester
  • LinkedIn (via Bing Search API)

How do I run Lure?

  • Clone the git repo: git clone
  • Install the prerequisites: pip3 install -r requirements.txt
  • Edit to ensure your API keys and paths are correct.
  • Give lure a domain to search and wait:
    • ./ -d

What if I already have a list of targets?

You can use the ./ -d -f /path/to/file.csv options to import a csv file in GoPhish format. Lure will append any search results to that list before uploading it.

What is the Gophish Format for the CSV?

Use ./ -t to generate a CSV template.

Can I customize which sources Lure uses?

Yes, edit resources/ and change the sources to "True" or "False"

Lure is taking a long time to complete.

Disable theHarvester in resources/ theHarvester takes a long time to generate very few results.

Where do I enter API keys, tester names, and other variables?

Edit resources/ You can run mv resources/ resources/ to fill in the configuration template.

Lure says it found X number of emails, but the GoPhish group shows a different number.

GoPhish will not accept invalid entries. If one of the email addresses is collected erroneously and ends up being "", "", etc, it will be rejected during the upload.


Lure Command Line

Lure Importing to GoPhish

You can’t perform that action at this time.