Creates a Docker composition containing instances of:
- gophish phishing framework.
- gophish-tools helper scripts.
- mailhog email testing tool.
- postfix mail server.
A sample docker composition is included in this repository.
To start the composition use the command: docker compose up
It's normal for the gophish-tools container to exit shortly after startup;
it is included in this composition as a convenience for phishing operators.
For usage details, read the
gophish-tools documentation.
The following gophish-tools helper scripts are available in the
gophish-tools directory:
import_assessment.sh: Simplifies the process of importing an assessment JSON file into the GoPhish server running in the local Docker composition (callsgophish-tools/gophish-importandgophish-tools/gophish-complete).export_assessment.sh: Simplifies the process of exporting assessment data from the GoPhish server running in the local Docker composition to a JSON file (callsgophish-tools/gophish-export).complete_campaign.sh: Simplifies the process of completing a campaign on the GoPhish server running in the local Docker composition (callsgophish-tools/gophish-complete).test_assessment.sh: Simplifies the process of sending test emails for an assessment in the GoPhish server running in the local Docker composition (callsgophish-tools/gophish-test).
Connect to the gophish admin web interface at:
https://localhost:3333.
The default credentials are admin, gophish.
Once the composition is running, gophish will need to be
configured to talk to mailhog and postfix. Create new
sending profiles for the two servers as listed below:
| Name | Host:Port |
|---|---|
| MailHog | mailhog:1025 |
| Postfix | postfix:587 |
The mailhog email testing tool can be accessed at http://localhost:8025
This composition exposes the following ports to the localhost:
- 1025:
postfix SMTP - 1587:
postfix submission - 3333:
gophish admin server - 3380:
gophish phish server - 8025:
mailhog web interface
- postfix
PRIMARY_DOMAIN: the domain of the mail serverRELAY_IP: (optional) an IP address that is allowed to relay mail without authentication
- gophish
config.json: gophish configuration fileadmin_fullchain.pem: public key for admin portadmin_privkey.pem: private key for admin portphish_fullchain.pem: public key for phishing portphish_privkey.pem: private key for phishing port
- postfix
fullchain.pem: public keyprivkey.pem: private keyusers.txt: account credentials
None.
We welcome contributions! Please see CONTRIBUTING.md for
details.
This project is in the worldwide public domain.
This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the CC0 1.0 Universal public domain dedication.
All contributions to this project will be released under the CC0 dedication. By submitting a pull request, you are agreeing to comply with this waiver of copyright interest.