performing-red-team-phishing-with-gophish

Instructions

1. Install dependencies: pip install gophish requests
2. Deploy GoPhish server and obtain an API key from Settings.
3. Use the Python gophish library to automate campaign setup:
   • Create email templates with HTML body and tracking
   • Configure SMTP sending profiles
   • Import target groups from CSV
   • Create landing pages for credential capture
   • Launch and monitor campaigns
4. Analyze campaign results: opens, clicks, submitted data, reported.

# For authorized penetration testing and lab environments only
python scripts/agent.py --gophish-url https://localhost:3333 --api-key <key> --campaign-name "Q1 Awareness" --output phishing_report.json

Examples

Create Campaign via API

from gophish import Gophish
from gophish.models import Campaign, Template, Group, SMTP, Page
api = Gophish("api_key", host="https://localhost:3333", verify=False)
campaign = Campaign(name="Q1 Test", groups=[Group(name="Sales Team")],
    template=Template(name="IT Password Reset"), smtp=SMTP(name="Internal SMTP"),
    page=Page(name="Credential Page"))
api.campaigns.post(campaign)