Top 23 Phishing Open-Source Projects

• wifiphisher

  5 12,681 1.3 Python

  The Rogue Access Point Framework

  

• gophish

  58 10,607 3.2 Go

  Open-Source Phishing Toolkit

  

Project mention: Any self-host FOSS suites for running phishing testing campaigns? | /r/selfhosted | 2023-05-21

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• zphisher

  17 10,277 0.0 HTML

  An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !

Project mention: Htr-tech/zphisher: An automated phishing tool with 30 templates | news.ycombinator.com | 2023-12-25

• Awesome-Red-Teaming

  8 6,501 0.0

  List of Awesome Red Teaming Resources

• Modlishka

  11 4,670 6.0 Go

  Modlishka. Reverse Proxy.

• dnstwist

  23 4,535 7.8 Python

  Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

Project mention: Have I Been Squatted? | news.ycombinator.com | 2023-11-27

• dns-blocklists

  82 3,889 8.5 Text

  DNS-Blocklists: For a better internet - keep the internet clean!

Project mention: Runs on your OpenWrt box: AdGuard Home is network-wide blocking ads and tracking | news.ycombinator.com | 2024-02-06

Hagezi blocklists are the current standard now: https://github.com/hagezi/dns-blocklists

You could go for one of the Lite blocklists for the network wide, family friendly (non-breaking) list.

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• black-hat-rust

  48 3,044 4.3 Rust

  Applied offensive security with Rust - https://kerkour.com/black-hat-rust

  

Project mention: Cloudflare for Speed and Security | /r/CloudFlare | 2023-10-20

Bonuses: If you purchase Cloudflare for Speed and Security before November 4, 2023, you'll get my bestseller, Black Hat Rust, for free! Yes, you read it right, two books for less than the price of one!

• King Phisher

  3 2,141 0.0 Python

  Phishing Campaign Toolkit

  

• maskphish

  4 2,091 0.0 Shell

  Introducing "URL Making Technology" to the world for the very FIRST TIME. Give a Mask to Phishing URL like a PRO.. A MUST have tool for Phishing.

• Sooty

  1 1,282 0.0 Python

  The SOC Analysts all-in-one CLI tool to automate and speed up workflow.

• espoofer

  2 1,267 0.0 Python

  An email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.🍻

• Phishing.Database

  5 1,030 8.3 Shell

  Phishing Domains, urls websites and threats database. We use the PyFunceble testing tool to validate the status of all known Phishing domains and provide stats to reveal how many unique domains used for Phishing are still active.

• ThePhish

  17 1,005 0.0 Python

  ThePhish: an automated phishing email analysis tool

Project mention: How do you deal with phising emails at your company? | /r/cybersecurity | 2023-05-14

• DogeRat

  2 998 5.8 JavaScript

  A multifunctional Telegram based Android RAT without port forwarding.

• intelmq

  3 932 9.1 Python

  IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

  

• Watcher

  3 795 3.4 Python

  Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS. (by Felix83000)

  

• chromepass

  5 751 0.0 Rust

  Chromepass - Hacking Chrome Saved Passwords

• phishing-frenzy

  1 749 2.9 PHP

  Ruby on Rails Phishing Framework

  

• EvilnoVNC

  1 716 5.5 JavaScript

  Ready to go Phishing Platform

• opensquat

  5 648 6.1 Python

  The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains.

Project mention: Have I Been Squatted? | news.ycombinator.com | 2023-11-27

A different solution that runs locally is opensquat.

https://github.com/atenreiro/opensquat

• ethereum-lists

  2 610 4.0 JavaScript

  A repository for maintaining lists of things like malicious URLs, fake token addresses, and so forth. We love lists.

  

• Spoofy

  2 532 5.4 Python

  Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.

• SaaSHub

  www.saashub.com sponsored

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

Phishing related posts

• Htr-tech/zphisher: An automated phishing tool with 30 templates
  1 project | news.ycombinator.com | 25 Dec 2023
• Have I Been Squatted?
  3 projects | news.ycombinator.com | 27 Nov 2023
• Domain Permutation - HaveIBeenSquatted & dnstwist
  2 projects | /r/cybersecurity | 1 Nov 2023
• OpenSquat
  1 project | news.ycombinator.com | 15 Jul 2023
• Accounting got phished. Paid out big bucks
  3 projects | /r/sysadmin | 31 May 2023
• any tips for using SET toolkit?
  2 projects | /r/hacking | 31 May 2023
• Phishing campaign defence advice
  1 project | /r/sysadmin | 26 May 2023
• A note from our sponsor - WorkOS
  workos.com | 25 Apr 2024

  The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com