King Phisher is a tool for testing and promoting user awareness by simulating real world phishing attacks. It features an easy to use, yet very flexible architecture allowing full control over both emails and server content. King Phisher can be used to run campaigns ranging from simple awareness training to more complicated scenarios in which user aware content is served for harvesting credentials. King Phisher is only to be used for legal applications when the explicit permission of the targeted organization has been obtained.
Run multiple phishing campaigns simultaneously Send email with embedded images for a more legitimate appearance Optional Two-Factor authentication Credential harvesting from landing pages SMS alerts regarding campaign status Web page cloning capabilities Integrated Sender Policy Framework (SPF) checks Geo location of phishing visitors Send email with calendar invitations
Surprisingly user-friendly application
The application can be installed in a just a matter of seconds and upon first launching it, you are required to log in using credentials like server address, username, password, SSL and HTTP port. It comes with a well-structured main window and to a clear-cut interface, working with this utility is quite straightforward.
You can start running simple campaigns against phishing attacks or even complicated scenarios by firstly filling in the required information in the Configuration tab. You can also edit the HTML structure of your campaign, preview it in real time and get accurate details about the messages, visits and credentials.
Useful set of features for simulating phishing attacks
You should also be aware of the fact that King Phisher enables you to run multiple phishing campaigns simultaneously, to send emails with images (for a more credible appearance) or with calendar invitation and to even clone web pages. Credential harvesting from pages capabilities, support for SMS alerts regarding the campaign's status and support for geolocation of phishing visitors, as well as more complicated two-factor authentication, are also part of King Phisher's feature list.
What is more, the app makes it possible for you to both import and export campaigns to CSV, Excel and XML formats.
Run multiple, separate anti-phishing campaigns with the least amount of effort
All in all, King Phisher is a comprehensive security-related tool that is exceptionally good at simulating real-life phishing attacks with accurate details and appearance.
In the end, we would like to mention that King Phisher actually uses a client-server configuration and that only the client is supported on Windows, therefore, you are required to run the server on a Linux-based machine.
- Bug fix in the Windows build for HTTPS connections from the requests package Homepage