Frameworks information gathering tool

King phisher: Phishing Campaign Toolkit

King Phisher
Written by Mubassir patel

King phisher: Phishing Campaign Toolkit

King phisher: Phishing Campaign Toolkit


Installation of King Phisher

Linux (Client & Server)

For installation on supported Linux distros:

wget -q && \
sudo bash ./

Windows (Client Only)

Download the latest Windows build here.

Windows 10 Subsystem For Linux (WSL)

  • Download VcXsrv from the Microsoft Store
  • Clone the king-phisher repo and install as normal
  • Include in your .bashrc/.zshrc file export DISPLAY=:0.0


King Phisher is a tool for testing and promoting user awareness by simulating real-world phishing attacks. It features an easy to use, yet very flexible architecture allowing full control over both emails and server content.

Feature Overview

  • Run multiple phishing campaigns simultaneously
  • Send the email with embedded images for a more legitimate appearance
  • Optional Two-Factor authentication
  • Credential harvesting from landing pages
  • SMS alerts regarding campaign status
  • Webpage cloning capabilities
  • Integrated Sender Policy Framework (SPF) checks
  • Geolocation of phishing visitors
  • Send the email with calendar invitations


A small number of plugins are packaged with King Phisher and additional ones are available in the Plugins repository.

Template Files

Template files for both messages and server pages can be found in the separate King Phisher Templates repository.

Message Template Variables

These are included here as a reference, check the templates wiki page for comprehensive documentation.

Variable Name Variable Value
client.company_name The target’s company name
client.email_address The target’s email address
client.first_name The target’s first name
client.last_name The target’s last name
client.message_id The unique tracking identifier (this is the same as uid) The email address in the “Source Email (MIME)” field
sender.friendly_alias The value of the “Friendly Alias” field
sender.reply_to The value of the “Reply To” field
url.tracking_dot URL of an image used for message tracking
URL.webserver Phishing server URL with the uid parameter
url.webserver_raw Phishing server URL without any parameters
tracking_dot_image_tag The tracking image in a preformatted <img /> tag
uid The unique tracking identifier (this is the same as client.message_id)

The uid is the most important and must be present in links that the messages contain.

About the author

Mubassir patel

Mubassir is a founder and developer of this site. He is a computer science engineer. He has a very deep interest in ethical hacking, penetration testing, website development and including all technology topic.

Leave a Comment