@wolfthefallen wolfthefallen released this Nov 7, 2018

Assets 3
  • Added support for users to set their email address for campaign alerts via email
  • Added additional plugin metadata fields for reference URLs and category classifiers
  • Added additional documentation including an architecture overview for reference
  • Multiple improvements to the client plugin manager
    • There is now an option to update plugins in the menu
    • Plugins can ship with dedicated documentation in markdown files that will be displayed
    • The GUI no longer locks up while tasks like downloading plugins are taking place
  • Added the new fetch Jinja function and fromjson Jinja filter
  • Added campaign-alert-expired and campaign-expired server signals
  • Switched to using Pipenv to manage the environment and dependencies

MSI Build Hashes:

md5: fe86670b43eae41f5a1ad3d25eb131ed
sha1: d2d4dc73e682f3bb7c4d51429637bb27b01eba1a
sha512: 8ca2bd0c4e34ef71a56c930040712b3bda9ee8c3905b6379f3dd193cdaabf706f5408a1a8b241c377eed6f72f71ec0bfd69975856916885092137dc5731a44ea

@wolfthefallen wolfthefallen released this Apr 12, 2018 · 139 commits to master since this release

Assets 3
  • Updated to support matplotlib version 2.2.0
  • Removed docker server support
  • Multiple improvements to the installation script
    • Users can now specify a supported Linux distro when it is not automatically detected
    • The database connection string is kept to avoid PostgreSQL password resets
  • Added support for setting message UID character set options
  • Bumped the required minimum version of Python to 3.4 and GTK to 3.14
  • Update Windows build to use pygi-aio-3.24.1_rev1 PyGObjects
  • Multiple bug fixes.

MSI Build Hashes:

md5: d8b584378d573f26d49a68572b955e26
sha1: 91d98a8ba324a97e9f4c8a3867a1a45a4ef98ee2
sha512: 26c1d3efa1ca3429e412fc35a658f376e91070f7f9dccd29878091eb189cc529258600dbccee69e276754c541e271dc00807c9e06e774d6e09acd602c6b7e23e

@wolfthefallen wolfthefallen released this Mar 16, 2018 · 168 commits to master since this release

Assets 3
  • Added a campaign-alert server signal for custom alert delivery mechanisms

  • Use GraphQL for loading data instead of the legacy table-based API

  • Support fault-tolerance when dispatching server signals

  • Allow a country code to be set in users' phone numbers

  • Visits will now be tracked if the landing page is any existing type

  • Multiple RPC Terminal improvements

    • Fix a bug regarding line wrapping due to the TERM environment variable
    • Use ipython when it's installed
    • Added %graphql and %graphql_file magic commands
  • Tweaks to the default MIME-encoded HTML message to reduce it's SpamAssassin score

  • Modified client signals to allow better API control

    • Added message-create and target-create for modifying the respective objects
    • Added message-send and target-send to allow skipping the message and target
    • Removed the send-message and send-target signals in favor of the new ones

MSI Build Hashes:

md5: d425bd6f40b5989db1384c3bd86cbb43
sha1: 3880253db0e56d21fae86477ca88f3114d0e0f7a
sha512: 42102fa1a4f7f89b11ca2aaf0aebb6bfcf50a7cf2a2f02cb72c3d83095ba21fa01d01c7928ee44fed372ee24941d3c3bfac07805d971029e8ecc565786fd9a81

@wolfthefallen wolfthefallen released this Nov 22, 2017 · 308 commits to master since this release

Assets 3
  • Support resetting plugins options to their respective defaults
  • Moved Office 2007+ metadata removal to a new plugin
  • Added support for installing plugins from remote sources through the UI
  • Added timeout support for SPF DNS queries
  • Support for installing on Arch Linux
  • Multiple server improvements
    • Upgrade AdvancedHTTPServer to v2.0.11 to support async SSL handshakes
    • Support using an include directive in the server configuration file
    • Added a request-handle signal for custom HTTP request handlers
    • Removed address support from the server config in favor of addresses
    • Support login as an alias of the username parameter for credentials

MSI Build Hashes:

md5: 156b51730e03f0a23c4bb9dc9826d09d
sha1: f126824cec862ed6431f81f12e5995f0a95c9346
sha512: e4a4d3ba34d2072345c46904bc7424846044840604619d217798428e1a3ca7193562c84d6838f17157f86ed2861f941dbaa71b73117e47e48566fff33c00d800

@wolfthefallen wolfthefallen released this Jun 6, 2017 · 433 commits to master since this release

Assets 3
  • Warn Python 2.7 user that this is the last release Python 2.7 will be supported
  • The Windows MSI Build is now in Python 3.4
  • Install script now supports Red Hat Server 7
  • Support the client on OS X by using Docker
  • Support for issuing certificates with acme while the server is running
  • Add a wrapping tool for certbot to make the process easier
  • Updated tools/cx_freeze.py to build the King Phisher client in Python 3.4
  • Updated documentation for the Windows build
  • Multiple Bug Fixes, and tweaks to make things run smoother

MSI Build Hashes:

md5: 7cd7379597f43015d0f5972821c607c7
sha1: 3ed770dedd0bfce12b443e2fd1e40e90cf1f54e7
sha512: 199f81dee0cffb29d5b1d441f798e2271f4bbdf6a11aa618123aa41b14e2d9970b1af3db77a1fefb0cc553ed33def57923e7f9c4d921a8e779c072f6d3b3ff77

@wolfthefallen wolfthefallen released this Apr 14, 2017 · 492 commits to master since this release

Assets 3
  • Bug fix in the Windows build for HTTPS connections from the requests package

MSI Build Hashes:

md5: d8d5712e821b4e5fb84ecd8745eba0c5
sha1: 9501b7f6df8dfdba005e0d49f084e0e37490c7eb
sha512: 517c93b281b9dc56bf2168e4ace4dae7ab6782457406a9c155a07497b5a6fa4fb6dc650376eb7cddd8cde2b6180af631d67cb0dad1998c2c00d8be16bfd09d02

@wolfthefallen wolfthefallen released this Apr 4, 2017 · 493 commits to master since this release

Assets 3
  • Better error messages for malformed server configuration files
  • Support for sending to targets via To / CC / BCC fields
  • New features for client and server plugins
  • Add comparison of "trained" statistics to the campaign comparison
  • Support for including and importing Jinja templates from relative paths
  • Support for including custom HTTP headers in server responses
  • New feature to import Campaigns from XML files
  • Support for emails address with longer top level domain names

MSI Build Hashes:

md5: 6347ab2a70c04f62d17a6e417a222e15
sha1: a0013415968f4ce2f77519707921093ceef233a7
sha512: 1b4f102950865c9916206c1cf4697ae2cead1037e6dabca7d845c1b35c97d9fc98fb77da6050bba0d7319561805db720aeaae03c453aa74b79e929727ebf7665

@wolfthefallen wolfthefallen released this Jan 31, 2017 · 571 commits to master since this release

Assets 3
  • Support negotiating STARTTLS with SMTP servers that support it
  • Support for real time event publishing to the client
  • Support for a new GraphQL API for more efficient data queries
  • More flexibility in configuring server logging
  • Add persistent storage for server plugin data
  • Add a Jinja function to check if a password is complex
  • Add client message-data-export and message-data-import signals
  • King Phisher now starts with Python3 by default
  • tools/install.sh now creates a backup of server_config.yml when present
  • Minor bug fixes
    • Minor CSS fixes
    • Special characters now display in the UI correctly

MSI Build Hashes:
md5: 05f0164b3af02ad731871923ecd75f2b
sha1: a02e960999a746266db29c7290d993bf86d77425

@wolfthefallen wolfthefallen released this Dec 23, 2016 · 689 commits to master since this release

Assets 3
  • Minor bug fixes
    • Use Default SMS sender to fix SMS subscription with T-Mobile
    • Upgrade AHS to v2.0.6 to fix select polling
    • Corrected issue when attachment file is inaccessible
    • Fixed issue when message file directory is gone
    • Fixed server side encoding error with basic auth
    • Fixed TypeError handling while rendering templates
    • Fixed a unicode bug when processing targets csv
    • Fixed install.sh script for CentOS7 and python3
    • Fixed show exception dialog with Glib idle_add
    • Fixed a logic bug causing premature SMTP reconnects
    • Fixed Webkit-1 load_string Null error

MSI Build Hashes
md5: 53471bad68db464cbaea007eda75dd4d
sha1: 439a6a8a13b27d0ddefe5d37e316773f452d2731

@wolfthefallen wolfthefallen released this Oct 3, 2016 · 704 commits to master since this release

Assets 3
  • Automated installation script improvements
    • Backup an existing server configuration file
    • Log warnings when the PostgreSQL user exists
  • Improve the Metasploit plugin for session notifications via SMS
  • Support exporting credentials for use with Metasploit's USERPASS_FILE option.

MSI Build Hashes
MD5: f155c0130a620d5f27d498aa100cef16
SHA1: 8e37f4c95285de7b5c5bf703e3c2eca7b7c99ec3