SimuPhish is a phishing simulation tool designed to raise security awareness by sending mock phishing emails and tracking user responses to assess susceptibility to phishing attacks. This tool helps organizations educate their employees about phishing threats and improve their overall security posture.
- Email Simulation: Send mock phishing emails to users.
- User Tracking: Track email opens, link clicks, and credential submissions.
- Report Generation: Generate reports on user interactions to evaluate phishing awareness.
- Customizable Templates: Easily modify email templates for different phishing scenarios.
- Backend: Flask, SQLAlchemy
- Frontend: HTML, CSS (Tailwind CSS)
- Database: SQLite
- Email: Flask-Mail for sending emails
- Version Control: Git
-
Clone the repository:
git clone https://github.com/yourusername/SimuPhish.git cd SimuPhish
-
Install the required packages:
pip install -r requirements.txt
-
Set up the database:
flask db init flask db migrate -m "Initial migration" flask db upgrade
-
Configure email settings in
app/config.py
:MAIL_USERNAME = 'your-email@gmail.com' MAIL_PASSWORD = 'your-email-password'
-
Run the application:
python run.py
-
Access the application at
http://127.0.0.1:5000
.
- To send a phishing email, navigate to the
/send_phishing_email/<recipient>
route, replacing<recipient>
with the recipient's email address. - The tool tracks interactions through a tracking pixel and handles user responses through the
/verify
and/submit_credentials
routes.
The programs have been tested on the Visual Studio Code IDE in Windows 11. You are free to choose any IDE that suits your needs.
If you come across any issues, have suggestions for improvement, or want to discuss further enhancements, feel free to contact me at jaya2004kra@gmail.com. Your feedback is greatly appreciated.
All the code in this repository is licensed under the GNU GENERAL PUBLIC License. You are free to use and modify it for educational purposes. However, I do not take any responsibility for the accuracy or reliability of the code.