Audience
Companies, red teams, security service providers
About Phishing Club
Phishing Club is an open source phishing simulation and red team phishing framework for authorized security testing. Self host it on your own server via a one line installer or Docker.
Plan, launch, and measure realistic campaigns from a single Go binary with an embedded web UI, HTTP/HTTPS phishing servers, and a REST API.
Features: multi stage phishing flows, flexible scheduling, multiple domains with automatic TLS, SMTP or custom API delivery with OAuth, recipient groups with CSV import and SCIM, PDF campaign reports, analytics, multi tenancy, MFA and
SSO (Entra ID, OIDC), webhooks, and in app updates.
Red team and AiTM: reverse proxy phishing to capture sessions, remote browser phishing, DOM and URL rewriting, dynamic obfuscation, JA4 and geo IP filtering, and device code phishing.
Other Popular Alternatives & Related Software
C9Phish
C9Phish by C9Lab is a comprehensive phishing simulation and training platform designed to help organizations identify, measure, and reduce cybersecurity risks related to phishing attacks. By simulating real-world phishing attempts, C9Phish enables companies to test employee awareness, pinpoint vulnerabilities, and strengthen their overall security posture. It allows security teams to create customizable phishing campaigns that mimic various attack vectors, including email, SMS, and social engineering tactics, providing a realistic training environment. With detailed analytics and reporting tools, organizations can track employee responses, measure risk levels, and identify departments or individuals needing further training. C9Phish also offers automated training modules, delivering targeted education and feedback to employees who fall for simulated attacks, helping them recognize and avoid future threats.
Learn more
Gophish
Gophish is a powerful, open-source phishing framework that makes it easy to test your organization's exposure to phishing. Gophish makes it easy to create or import pixel-perfect phishing templates. Our web UI includes a full HTML editor, making it easy to customize your templates right in your browser. Launch the campaign and phishing emails are sent in the background. You can also schedule campaigns to launch whenever you'd like. Detailed results are delivered in near real-time. Results can be exported for use in reports. Gophish has a gorgeous web interface. Import existing websites and emails, enable email open tracking, and more with a single click. Gophish updates results automatically. Using the UI, you can view a timeline for each recipient, tracking email opens, link clicks, submitted credentials, and more. Everything in Gophish is designed to "just work". It's so easy to setup, easy to use, and quick to give powerful results that you'll think it's magic.
Learn more
PhishTitan
Powerful Inline Phishing Protection for M365. Harness the power of AI and our LLM to defeat phishing. PhishTitan is next generation inline phishing protection and remediation, powered by TitanHQ, the global leaders in email cybersecurity.
Our proprietary large learning model and AI integrates directly with Microsoft 365, both catching and remediating sophisticated phishing and BEC attacks that Microsoft misses. It provides users with in-the-moment warning banners to help them decide whether an email is malicious or safe, continually enhancing the human firewall.
Risk free deployment in 6 minutes. PhishTitan will filter your email to identify phishing threats and protect your users and business. That’s how you AVOID that one wrong click that can lead to disaster – all it takes is 6 minutes! The TitanHQ team has been a category leader in the email security field for over 20 years. Bringing the experience of working with over 12,000 customers to our new phishing solution.
Learn more
PhishByte
PhishByte is an Australian phishing simulation and cyber security awareness training platform built for small and medium-sized businesses. Designed to reduce human cyber risk, PhishByte delivers realistic phishing simulations, short interactive training modules, and real-time Human Risk Scores that track team progress over time.
Unlike one-off compliance tick boxes, PhishByte builds lasting behavioural change through continuous simulation and just-in-time learning. When an employee clicks a phishing link, they receive an immediate training intervention — making the lesson relevant and memorable.
PhishByte aligns with the Australian Cyber Security Centre's Essential Eight framework and helps organisations meet Privacy Act obligations. It requires no dedicated IT team and is simple to set up and manage.
Plans start free for up to 10 users, with Professional and Enterprise tiers available for growing teams.
Learn more
Pricing
Starting Price:
0
Pricing Details:
Open source and free
Free Version:
Free Version available.
Company Information
Phishing Club
Founded: 2025
Denmark
phishing.club
Videos and Screen Captures
Dashboard - Stats
Other Useful Business Software
The AI-powered unified PSA-RMM platform for modern MSPs.
SuperOps.ai is the only PSA-RMM platform powered by intelligent automation and thoughtfully crafted for the new-age MSP. The platform also helps MSPs manage their projects, clients, and IT documents from a single place.
Product Details
Platforms Supported
Linux
Training
Documentation
Support
Online
