Overview
Product video
GoPhish is an amazing simulator that makes simulating real-world attacks easy.
We take GoPhish one step further.
We make setting up your own phishing training server with ready-to-use templates simple.
You don't have to spend hours setting up and hardening your phishing infrastructure.
And setting up sending profiles.
And creating email and landing page templates.
So you can schedule your campaigns and address your security awareness gaps fast.
You'll see the impact much faster than traditional phishing simulation services.
In seconds, you can load in your company's address book...
Set up sending profiles, emails, and landing pages...
And run your campaign to see which users are phishing-prone so you can focus on training.
We make it easy to focus your efforts on the users who need your help the most...
So you can cut the number of phishing prone users in your organization.
Our clients rely on this improved version of GoPhish to train their users...
To identify already-compromised users...
To support physical red teaming engagements...
To simulate ransomware and USB drop attacks, and much more!
Try it yourself now!
Need an SMTP server for sending emails?
Need an IMAP server for receiving email reports from simulation recipients?
Make sure to read our usage instructions and support resources for setting up and configuring your SMTP/IMAP server, as well as how you can work with AWS to open the SMTP port for sending simulations.
Got other questions or want to discuss a private offer?
Get answers fast via email: support@hailbytes.com
Want to use your GoPhish server as your mail server when sending your campaigns?
Please create a support ticket for step-by-step help!
Highlights
- Optimized for AWS - simplified infrastructure, fast performance, scalable, increases security team productivity.
- Intuitive User Experience - easy onboarding with essential templates reduces cost of continuous phishing-prone testing.
- Identify Security Awareness Training Candidates - identify the employees that need additional security training fast and train them quickly!
Details
Typical total price
$0.542/hour
Features and programs
Financing for AWS Marketplace purchases
Pricing
Free trial
- ...
Instance type | Product cost/hour | EC2 cost/hour | Total/hour |
---|---|---|---|
t2.nano | $0.50 | $0.006 | $0.506 |
t2.micro AWS Free Tier | $0.50 | $0.012 | $0.512 |
t2.small | $0.50 | $0.023 | $0.523 |
t2.medium | $0.50 | $0.046 | $0.546 |
t2.large | $0.50 | $0.093 | $0.593 |
t2.xlarge | $0.50 | $0.186 | $0.686 |
t2.2xlarge | $0.50 | $0.371 | $0.871 |
t3.nano | $0.50 | $0.005 | $0.505 |
t3.micro AWS Free Tier | $0.50 | $0.01 | $0.51 |
t3.small | $0.50 | $0.021 | $0.521 |
Additional AWS infrastructure costs
Type | Cost |
---|---|
EBS General Purpose SSD (gp2) volumes | $0.10/per GB/month of provisioned storage |
Vendor refund policy
Contact us at david@hailbytes.com if you're unhappy with this product for any reason and we'll resolve your issue.
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Infrastructure Changes: No infrastructure changes this update.
Application Changes: We have updated tracking and URL templates for all landing pages and email templates. 35 email templates and landing page templates come pre-installed. We have also added a sending profile for Mailgun in addition to the existing profiles.
Additional details
Usage instructions
The GoPhish Phishing Framework will start automatically when the instance launches.
It will be added to a security group with port 3636 open to 0.0.0.0/0 which we advise you narrow to your office IP immediately.
Open an Internet browser to https://your-public-ipv4-dns:3636 and login with the default username (admin) and password (your-instance-id).
You'll be prompted to change your password immediately and you should use a strong password and store this in a password manager.
The server starts with an example certificate you can use for internal testing, you can generate a subdomain for your admin dashboard as well as for the phishing landing pages themselves by following our DNS/TLS documentation here: https://docs.google.com/document/d/e/2PACX-1vQIMus7nEI2aYOdhutUtcySaZdIXw7s0iFdesxiNXg_g5gmaDgagmcO5OLsLzamdOUrsOg7qgRUNw1I/pub
You'll need to login to the server via SSH and generate your own certificates for real-world testing.
Simply replace the .crt and .key files located in /opt and update the config.json in the same directory, then use service gophish restart to apply the new certificates.
Support
Vendor support
Email support provided within 3 business days, send an email with issue details and your AWS ID via email: support@hailbytes.com
Check our documentation here:
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Customer reviews
Better than KnowBe4
This instance is my go-to method for performing phishing campaigns. It's easy to just spin up an instance and get started without dealing with the complications of other phishing simulators. I've been using Gophish for a few years now and couldn't be happier with the newest update and the product support from David.
Great instance
So we've been using their instance for well over a year, great support! highly recommend for those that need something better than know b 4 and micorsoft security phishing with a million more options with their API support
Do not recommend
The server runs well, but when you look under the hood, it's an expensive hourly license for a simple Docker installation. Supposedly the support is worth it, however I could not get anyone on the line.
Because docker proxy already occupies ports 80 and 443, it was difficult to add a certificate (e.g. with letsencrypt). Tried to call the support line quite a few times to resolve this but could never get someone the line.