Newest Listing

Top Rated

Most Popular

Phishing AssessmentRSS

Phishing security assessment tools allow you to identify knowledge gaps, the employees who are most likely to fall for scams, and the areas of your organization that are most susceptible to attack. Sophistication in this product space varies greatly, and free/open source tools are few. In the commercial space, often a phishing simulator and computer-based security awareness training are bundled together, so the wayward employee can be immediately "schooled".

Additional Reading and Resources:
How to Run Effective Phishing Assessment and Training Campaigns Employees Don’t Hate - InfoSecurity Magazine
Anti-Phishing Working Group

Visit the Product Site

Gophish is an open-source phishing toolkit meant to help pentesters and businesses conduct real-world phishing simulations. It is a phishing framework in the Go programming language, released as compiled binaries with no dependencies.

VendorJordan Wright
Pricing ModelOpen Source
Modified
Tags
LUCY

Visit the Product Site

The LUCY Social Engineering Suite and Malware Testing Suite (or CYBERSECURITY CRASH TEST DUMMY) facilitate multiple application areas. They can be used for: – People testing and education – Technology assessments – An inoffensive penetration test sho ...

VendorLucy Phishing GmbH
Pricing ModelCommercial
Modified
Tags

Visit the Product Site

Phishing Frenzy is an Open Source Ruby on Rails application that is leveraged by penetration testers to manage email phishing campaigns. The goal of the project is to streamline the phishing process while still providing clients the best realistic phishi ...

VendorBrandon McCann
Pricing ModelOpen Source
Modified
Tags

Visit the Product Site

King Phisher is a tool for testing and promoting user awareness by simulating real world phishing attacks. It features a flexible architecture allowing full control over both emails and server content. King Phisher can be used to run campaigns ranging fro ...

VendorSecureState
Pricing ModelOpen Source
Modified
Tags

Visit the Product Site

SPF (SpeedPhish Framework) is a python tool designed to allow for quick recon and deployment of simple social engineering phishing exercises. SPF includes many features that allow you to quickly configure and perform effective phishing attacks, including ...

VendorAdam Compton
Pricing ModelOpen Source
ModifiedNever
Tags

Visit the Product Site

For phishing, SET allows for sending spear-phishing emails as well as running mass mailer campaigns, as well as some more advanced options, such as flagging your message with high importance and adding list of target emails from a file. SET is Python base ...

VendorTrustedSec
Pricing ModelOpen Source
ModifiedNever
Tags

Visit the Product Site

SecurityIQ combines a phishing simulator and computer-based security awareness training in one cloud-based service.

VendorInfoSec Institute
Pricing ModelOnline Use Only
ModifiedNever
Tags

Visit the Product Site

ThreatSim attack simulation product provides a phishing-focused security awareness training program. The ThreatSim mock attack system allows you to deliver simulated phishing emails with embedded Teachable Moments, which display targeted "just-in-time tea ...

VendorWombat Security Technologies
Pricing ModelService
ModifiedNever
Tags

Visit the Product Site

Duo Insight is a free phishing assessment tool by Duo Security that allows you to find vulnerable users and devices in minutes and start protecting them right away.

VendorDuo Security
Pricing ModelOnline Use Only
ModifiedNever
Tags

Visit the Product Site

A free tool that provides a simple, safe and effective mechanism for security teams and administrators to run their own phishing tests inside their organization. Simply install the application on a server or workstation and create a url email/sms/etc. cam ...

VendorMicroSolved, Inc.
Pricing ModelFreeware
ModifiedNever
Tags