King Phisher is Phishing Campaign Toolkit
The King Phisher client is supported on Windows and Linux, while the King Phisher server is only supported on Linux.
Linux (Client & Server)
For installation on supported Linux distros:
wget -q https://github.com/securestate/king-phisher/raw/master/tools/install.sh && \ sudo bash ./install.sh
Windows (Client Only)
Download the latest Windows build here.
King Phisher is a tool for testing and promoting user awareness by simulating real world phishing attacks. It features an easy to use, yet very flexible architecture allowing full control over both emails and server content. King Phisher can be used to run campaigns ranging from simple awareness training to more complicated scenarios in which user aware content is served for harvesting credentials.
King Phisher is only to be used for legal applications when the explicit permission of the targeted organization has been obtained.
Get the latest stable version from the GitHub Releases Page or use git to checkout the project from source.
- Run multiple phishing campaigns simultaneously
- Send email with embedded images for a more legitimate appearance
- Optional Two-Factor authentication
- Credential harvesting from landing pages
- SMS alerts regarding campaign status
- Web page cloning capabilities
- Integrated Sender Policy Framework (SPF) checks
- Geo location of phishing visitors
- Send email with calendar invitations
Both the client and server can be extended with functionality provided by plugins. A small number of plugins are packaged with King Phisher and additional ones are available in the Plugins repository.
Template files for both messages and server pages can be found in the separate King Phisher Templates repository. Any contributions regarding templates should also be submitted via a pull request to the templates repository.
Documentation for users of the application is provided on the project’s wiki page. This includes steps to help new users get started with their first campaigns. Additional technical documentation intended for developers is kept seperate as outlined in section below.
King Phisher uses Sphinx for internal technical documentation. This documentation can be generated from source with the command
sphinx-build -b html docs/source docs/html. The latest documentation is kindly hosted on ReadTheDocs at king-phisher.readthedocs.io.
Message Template Variables
The client message templates are formatted using the Jinja2 templating engine and support a number of variables. These are included here as a reference, check the templates wiki page for comprehensive documentation.
|Variable Name||Variable Value|
|client.company_name||The target’s company name|
|client.email_address||The target’s email address|
|client.first_name||The target’s first name|
|client.last_name||The target’s last name|
|client.message_id||The unique tracking identifier (this is the same as uid)|
|sender.email||The email address in the “Source Email (MIME)” field|
|sender.friendly_alias||The value of the “Friendly Alias” field|
|sender.reply_to||The value of the “Reply To” field|
|url.tracking_dot||URL of an image used for message tracking|
|url.webserver||Phishing server URL with the uid parameter|
|url.webserver_raw||Phishing server URL without any parameters|
|tracking_dot_image_tag||The tracking image in a preformatted
|uid||The unique tracking identifier (this is the same as client.message_id)|
The uid is the most important, and must be present in links that the messages contain.
King Phisher is released under the BSD 3-clause license, for more details see the LICENSE file.
Special Thanks (QA / Beta Testing):
- Jake Garlie – jagar
- Jeremy Schoeneman – Shad0wman
- Ken Smith – p4tchw0rk
- Brianna Whittaker
King Phisher Development Team:
- Erik Daguerre – wolfthefallen (@wolf_thefallen)
- Brandan Geise – coldfusion (@coldfusion39)
- Jeff McCutchan – jamcut (@jamcut)
- Spencer McIntyre – zeroSteiner (@zeroSteiner)