BluePhish: Open-Source Phishing Toolkit (Direct Fork of GoPhish)
Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute phishing engagements and security awareness training.
The BluePhish version of GoPhish supports currently only sqlite3.
You can define the following env variables for configuring the BluePhish instance:
| Variable | Purpose | Default Value |
|---|---|---|
BLUEPHISH_INITIAL_ADMIN_PASSWORD |
set an initial admin password | bluephish |
BLUEPHISH_INITIAL_ADMIN_API_TOKEN |
set an initial admin api token | randomly generated |
docker pull ghcr.io/bluestoneag/bluephish:latestsample docker-compose file: docker-compose.yaml
Edit and apply the kustomization files in the kubernetes directory.
For every campagne you have to create a specific ingress ressource in the ingress.yaml.
The ingress ressource should refer to the bluephish-webserver service on port 80 defined in the services.yaml.
Documentation can be found on our site. Find something missing? Let us know by filing an issue!
- Found a bug?
- Want more features?
- Find something missing in the documentation?
Let us know! Please don't hesitate to file an issue and we'll get right on it.
As mentioned before BluePhish is a direct fork of the GoPhish Version 0.11.0 (https://github.com/gophish/gophish).
This means that a the most code is provided by GoPhish and the license of the GoPhish is the same as the license of the BluePhish.