I've updated the PapaParse JS library to the latest version from the master branch which supports the `escapeForumlae` option in order to prevent malicious event entries from being parsed and executed by the Gophish user's spreadsheet software. When a new PapaParse release is created, I'll update this code to use the updated minified file.
|1 year ago|
|.github/workflows||1 year ago|
|ansible-playbook||1 year ago|
|auth||1 year ago|
|config||1 year ago|
|context||1 year ago|
|controllers||1 year ago|
|db||1 year ago|
|doc||5 years ago|
|docker||2 years ago|
|imap||1 year ago|
|logger||1 year ago|
|mailer||1 year ago|
|middleware||1 year ago|
|models||1 year ago|
|static||1 year ago|
|templates||1 year ago|
|util||1 year ago|
|webhook||1 year ago|
|worker||1 year ago|
|.babelrc||2 years ago|
|.gitattributes||5 years ago|
|.gitignore||1 year ago|
|CONTRIBUTING.md||5 years ago|
|Dockerfile||1 year ago|
|ISSUE_TEMPLATE.md||4 years ago|
|LICENSE||1 year ago|
|README.md||1 year ago|
|VERSION||1 year ago|
|config.json||1 year ago|
|go.mod||1 year ago|
|go.sum||1 year ago|
|gophish.go||1 year ago|
|gulpfile.js||2 years ago|
|package.json||1 year ago|
|webpack.config.js||1 year ago|
|yarn.lock||1 year ago|
Gophish: Open-Source Phishing Toolkit
Gophish is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute phishing engagements and security awareness training.
Installation of Gophish is dead-simple - just download and extract the zip containing the release for your system, and run the binary. Gophish has binary releases for Windows, Mac, and Linux platforms.
If you are building from source, please note that Gophish requires Go v1.10 or above!
To build Gophish from source, simply run
go get github.com/gophish/gophish and
cd into the project source directory. Then, run
go build. After this, you should have a binary called
gophish in the current directory.
You can also use Gophish via the official Docker container here.
After running the Gophish binary, open an Internet browser to https://localhost:3333 and login with the default username (admin) and password (gophish).
Documentation can be found on our site. Find something missing? Let us know by filing an issue!
Find a bug? Want more features? Find something missing in the documentation? Let us know! Please don't hesitate to file an issue and we'll get right on it.
Gophish - Open-Source Phishing Framework The MIT License (MIT) Copyright (c) 2013 - 2020 Jordan Wright Permission is hereby granted, free of charge, to any person obtaining a copy of this software ("Gophish Community Edition") and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.