Bot releases are hidden (Show)
We're excited to announce the release of Gophish v0.12.1. This is a minor release that includes a couple of bug fixes and one great new feature.
We've added the ability to set trusted_origins
in the config.json
file. This allows you to add addresses that you expect incoming connections to come from, which is helpful in cases where TLS termination is handled by a load balancer upstream, rather than the application itself. This has been a long discussed and requested feature so it's great to have! Thanks to @mcab and everyone else in this thread.
Our Continuous Integration workflow has been updated and is succeeding again. We've also updated the Release workflow, mitigating some security concerns and adapting it be able to build Windows releases again. These are (hopefully!) at the bottom of this post.
Some JavaScript files hadn't been minified properly, causing problems with adding customer headers. A small bug was fixed where copying a campaign would not show [Deleted] in an edge case - see https://github.com/gophish/gophish/pull/2482. Thanks @29vivek.
You can find the full changelog for this release here.
To upgrade, download the release for your platform, extract into a folder, and copy (remember to copy, not move so that you have a backup) your existing gophish.db file into the new directory. Then, run the new Gophish binary and you'll be good to go!
Now, one more thing:
Have questions, comments, or feature ideas about Gophish? Let us know by filing an issue.
SHA256 Hash | Filename |
---|---|
9ed2f88d6582b798a3448fb51080ff782b40cec8fb4855895720e9f782f68511 | gophish-v0.12.1-linux-32bit.zip |
44f598c1eeb72c3b08fa73d57049022d96cea2872283b87a73d21af78a2c6d47 | gophish-v0.12.1-linux-64bit.zip |
f80786dcb2c4037d7f9d6c9e8e8655c5eeaa8e46ef4032bda704b9ce18e23491 | gophish-v0.12.1-osx-64bit.zip |
e6936b8a472c730dcb0da64024d82341806869af666fad10f8639e7f85b1b7e6 | gophish-v0.12.1-windows-64bit.zip |
Published by glennzw about 2 years ago
We're excited to announce the release of Gophish v0.12.0. This release includes important security fixes, adds some features, and fixes some bugs.
This has been a long time requested feature, and we're super excited to release it! We've added the ability to add gophish variables to a number of file types which can be attached to emails. As a trivial example it is possible to include Hello {{.FirstName}}, please click here: {{.URL}}
to a Word document, or with a little more effort add tracking pixels to documents. This will allow notification of when users have opened attached files, or enabled macros in Office documents. We currently support the following file extensions: docx, docm, pptx, xlsx, xlsm, txt, html, ics. Please see the documentation for more guidance and examples.
Images in emails are now marked as embedded
rather than attached
, so email clients don't show them as attachments. This is a great addition to improve the quality of campaigns. Thanks @dzsibi
We've added the ability to specify an envelope sender in templates. If left empty, it will fallback to the SMTP-From in the Sender-settings. This can be used to pass SPF-checks but still send a spoofing email. Thanks @ChessSpider and @ptitdoc
Added minor functionality to display last login time for each user in the User Management page and the ability to lock user accounts.
Fixed a minor Open Redirect issue. Thanks @Kirill89
You can find the full changelog for this release here.
To upgrade, download the release for your platform, extract into a folder, and copy (remember to copy, not move so that you have a backup) your existing gophish.db file into the new directory. Then, run the new Gophish binary and you'll be good to go!
Now, one more thing:
Have questions, comments, or feature ideas about Gophish? Let us know by filing an issue.
SHA256 Hash | Filename |
---|---|
42f228158e91e2fce182fbd60a6669fcbed21f76186563f264a941efbc9c1159 | gophish-v0.12.0-linux-64bit.zip |
d06945497f0f3467748c50e518aa4e526e8c71cd7fa58c23541cb65477539306 | gophish-v0.12.0-osx-64bit.zip |
c0fdc4a980914893a9d19544bb6233586db8d81a139657e9773ca8e03c387a02 | gophish-v0.12.0-windows-64bit.zip |
Published by jordan-wright about 4 years ago
We're excited to announce the release of Gophish v0.11.0. This release includes important security fixes, adds some minor features, and fixes some bugs.
This release addresses multiple security issues that were identified and reported by the community. As always, we encourage sending in security reports via our security policy, and are appreciative of all the work that went in to finding and reporting these vulnerabilities.
The following vulnerabilities were fixed in this latest release:
Reported by: Marcus Nilsson of usd AG
Reported by: @dunderhay in #1908
An authenticated user could use certain features of Gophish to make inbound connections to the local network. The most critical of these is via the Landing Page import feature, which could be used to make arbitrary upstream web requests.
Since importing local webpages, or otherwise making local network connections (e.g. for SMTP/IMAP servers, webhook URLs, etc.) is an expected use case for Gophish we've decided to implement an opt-in allowlist. By default, we block access only to known IP addresses commonly associated with cloud metadata services, but it is now possible to explicitly set the allowed_internal_hosts
configuration variable in the admin_server
section of config.json to a list of allowed internal addresses.
More information can be found here.
Reported By: Marcus Nilsson of usd AG
Reported By: @dunderhay in #1901
Various cross-site scripting issues were identified and fixed. All issues required authenticated access and only affected either the user that created the objects, or an administrator using our "Impersonate" issue to impersonate the user that created the objects.
More information can be found in 4e9b94b and 19ef924d89f6e2459387d5645233f16fd07e01b3.
Reported By: Marcus Nilsson of usd AG
Malicious data could be submitted during a campaign that, when exported as a CSV and opened in a spreadsheet viewer, is interpreted as a formula leading to command execution.
More information on CSV Injection can be found here. More information about the fix can be found in b25f5ac5e468f6730e377f43c7995e18f8fccc2b.
Reported By: Marcus Nilsson of usd AG
An attacker could create an iframe which tricks an authenticated administrator into unexpectedly clicking the "Reset" button in the settings page, causing their API key to be reset, potentially causing a denial of service condition.
More information about the fix can be found in 6df62e85fd60f0931d3c8bfdb13b436a961bc9b6.
This release adds a basic password policy for administrators, and removes the default password "gophish". Instead, an initial password is randomly generated and printed in the terminal when Gophish is launched for the first time.
It is possible to override the initial password and API key with environment variables if needed.
This release adds the ability to mark emails as reported that were sent as an attachment. Additionally, it changes the underlying IMAP library to be more robust, eliminating some possible bugs.
Credit to @glennzw for the changes!
You can find the full changelog for this release here.
To upgrade, download the release for your platform, extract into a folder, and copy (remember to copy, not move so that you have a backup) your existing gophish.db file into the new directory. Then, run the new Gophish binary and you'll be good to go!
Now, one more thing:
Have questions, comments, or feature ideas about Gophish? Let us know by filing an issue.
SHA256 Hash | Filename |
---|---|
beb32e243e888f21849d3ee09a979a33cd1da7a7cd79438c8f56fce1a2d9d44c | gophish-v0.11.0-linux-32bit.zip |
f33ac7695850132c04d190f83ef54732421a8d4578be1475d3a819fe6173c462 | gophish-v0.11.0-linux-64bit.zip |
f1af96033c946ed2fe757b9b3a7aefc63ec3548f0ab21f01c44d70a58410ffbe | gophish-v0.11.0-osx-64bit.zip |
f5083bc084715319a4e671bc58dc28f66828fec78a43bd41456373fcc024703c | gophish-v0.11.0-windows-64bit.zip |
Published by jordan-wright over 4 years ago
We're excited to announce v0.10.1. This release significantly improves the performance of sending emails, adds some features and fixes bugs.
Here's just a couple of the exciting changes.
Thanks to the detailed report from @edermi in #1726, we were able to dramatically increase the speed at which we send emails- especially for large campaigns.
Administrators often have a need to help troubleshoot issues other users are seeing with Gophish. To make this easier, @glennzw added an impersonation feature in #1812 that allows system administrators to login to a user's account. This is available from the User Management page.
We've also changed our release process to use GitHub Actions. The bad news is that this means we won't be supporting 32-bit Mac or Windows releases at this time (we do support 64-bit releases!). The good news is that this will enable us to do much more frequent Gophish releases, getting awesome features and bugfixes out to the community even quicker.
With this in mind, please do let us know if you run into any issues with the releases below!
You can find the full changelog for this release here.
To upgrade, download the release for your platform, extract into a folder, and copy (remember to copy, not move so that you have a backup) your existing gophish.db file into the new directory. Then, run the new gophish binary and you'll be good to go!
Now, one more thing:
Have questions, comments, or feature ideas about Gophish? Let us know by filing an issue.
SHA256 Hash | Filename |
---|---|
e236fea0628623c9158e01d189cf20766b2ebbb7cc1e6e53c1d4f49e039c98f7 | gophish-v0.10.1-linux-32bit.zip |
d075245dd146494ee1d25d2c6201ef84a5a2cdb6d38adc152df3b71ab8e91845 | gophish-v0.10.1-linux-64bit.zip |
1c8e4cbd8da090b9f6f38eb5605d7b1753b3f60ccf705e943befe98ff4969ab4 | gophish-v0.10.1-osx-64bit.zip |
7c01df6bbeeca6a9a6dd0fc28e12eb329414c3d15c8f0dec237bf6535e4d268a | gophish-v0.10.1-windows-64bit.zip |
Published by jordan-wright over 4 years ago
SHA256 Hash | Filename |
---|---|
e9b754682d6476d0ff07e9d0bb4d7634e0e4d0ebba570c3a0f27574358636415 | gophish-v0.10.0-linux-32bit.zip |
7a6186d90eb4d75f773a09baf035b877f952136e7e73d2e8f680c83bb1524082 | gophish-v0.10.0-linux-64bit.zip |
4abbb083be9f5b9f11a92cbe024449be3825e60b67140356bc236fe82f244723 | gophish-v0.10.0-osx-64bit.zip |
087edf7e1b64aa66912b4780a5914d4cfbfd78b8e1fd8046da7c6b08c79388cd | gophish-v0.10.0-windows-64bit.zip |
Published by jordan-wright over 4 years ago
We're excited to announce v0.9.0. This release adds big features, improves performance, and fixes bugs.
Here's just a couple of the exciting changes.
Ever since Gophish was launched, we've had the ability to fetch campaign results via the API. But sometimes, you may want to have campaign updates pushed directly to you as they happen.
To solve this problem, we've added support for webhooks.
When you configure a webhook, Gophish will make (optionally signed) HTTP requests to an endpoint you control. These requests include the JSON body of the event that just happened- the exact same JSON that you would normally receive via the API. This gives you real-time updates to your campaign as they happen.
You can find more information about using webhooks in our documentation.
Webhook support was sponsored by Al Lowenstein and implemented by @GildedHonour in #1642. Thank you both for all your help making this happen!
I always encourage folks using Gophish to focus not only on minimizing the click through rates, but even more so on increasing the reporting rate. To that end, many companies have an email address they encourage employees to send any potential phishing emails.
I've often got feedback that it'd be great if Gophish emails sent to that email address would automatically show as "reported" in the campaign results. Now that's possible!
Thanks to the great work from @glennzw, you can now configure IMAP details which Gophish will use to fetch any campaign emails, marking them as reported. Thank you for all your amazing work @glennzw!
You can find more information about configuring reporting via IMAP in our documentation.
While there are amazing performance improvements and bug fixes included in this release, you'll notice something about the two big features listed above- neither were built by me (@jordan-wright).
This is incredibly exciting. I've long held that the community around Gophish is my favorite thing about the entire project. We have a group of folks contributing to issues, offering advice and feature requests and, with this release, contributing core features that make Gophish even better.
Thank you all for everything you do. We have big things planned for Gophish, and I'm excited to build them alongside you all.
To upgrade, download the release for your platform, extract into a folder, and copy (remember to copy, not move so that you have a backup) your existing gophish.db file into the new directory. Then, run the new gophish binary and you'll be good to go!
Now, one more thing:
Have questions, comments, or feature ideas about Gophish? Let us know by filing an issue.
SHA256 Hash | Filename |
---|---|
f12ad070007b4d764e7e7816db8dae1f8002483c9aff81e2437319e9c6521465 | gophish-v0.9.0-linux-32bit.zip |
ffcdf7a1a8590b6de70660754c88ef2be3c3b69e1dd5ae18c472dbd26d5ff534 | gophish-v0.9.0-linux-64bit.zip |
6780ea4124eeaefa1cd0a5c2a825f4457dfda807b43be741bbbd22ab8e870099 | gophish-v0.9.0-osx-32bit.zip |
ab283c49625af335bf6fee1b65f386bd69cece68d2ed9bd051b4de9b43b3dd5e | gophish-v0.9.0-osx-64bit.zip |
d63ae01b2152f1964ffb9dc1d4d36fe3e8b8abcaffa74e1750770e6b8b321c3f | gophish-v0.9.0-windows-32bit.zip |
7f1593d5fafe3590acaed4157c47d5c00ba9a30df86382d3f6c531369f8d9123 | gophish-v0.9.0-windows-64bit.zip |
Published by jordan-wright about 5 years ago
tl;dr - New version of Gophish. Lots of improvements. Binaries can be found above. π
We're excited to announce v0.8.0. This release fixes a bunch of bugs, adds a few features, and lays the groundwork for really cool features to come.
This release includes initial support for Role-Based Access Control (RBAC). Specifically, it introduces global roles that separates admins from non-admins. You can find more information here.
Users with the admin role have access to the user management API. This API allows you to create and manage users programmatically. You can find documentation for this API here.
We've added a Dockerfile
so that you can build Gophish in a container. We'll be uploading an official Docker image at gophish/gophish
shortly.
While this isn't a user-facing change, it's a big one. We've refactored a bunch of the code to be cleaner and more structured. This will help new developers coming into Gophish to get up and running more quickly.
Those are the big changes, but that's certainly not everything! You can find a full changelog here.
To upgrade, simply download the release for your platform, extract into a folder, and copy (remember to copy, not move so that you have a backup) your existing gophish.db file into the new directory. Then, run the new gophish binary and you'll be good to go!
I want to also take a quick moment to say thank you to everyone. The community is what makes Gophish great. I'm so thankful to everyone who leaves questions, suggests features, and goes the extra mile to help others out.
Thank you all for everything you do!
Now, one more thing:
Have questions, comments, or feature ideas about Gophish? Let us know by filing an issue.
Note: The
VERSION
file for these releases still says 0.7.1. This was an oversight during the release process. After upgrading, even if you see 0.7.1, you're certainly running the 0.8.0 codebase. I apologize for the inconvenience!
SHA256 Hash | Filename |
---|---|
80cb2c13b9f34dd2a5454c15065af81c15d09fbf30298cce276ba1fa7318462b | gophish-v0.8.0-linux-32bit.zip |
8a64368f31a10d7e0bbedfce8827fcd9fbbfa8d0fc5b5d6a3c467569a7818d26 | gophish-v0.8.0-linux-64bit.zip |
9209ccab7087e432e0fbd1ecf8772ac5d1cb92839b89907cdbe02ff3b392dd6b | gophish-v0.8.0-osx-32bit.zip |
95a1adcd9c1e56c2cc6525140fb65e4dda7f89e91497ed5498d09c4319e9c2f7 | gophish-v0.8.0-osx-64bit.zip |
68de55454a4fca68a61b3bd3359986b26423484350ff947e59a31e0b174ff4cc | gophish-v0.8.0-windows-32bit.zip |
8bd15a7484e363e0573d0afad31b56e3bbf634dcce377bb4b1ef24a7146823d0 | gophish-v0.8.0-windows-64bit.zip |
Published by jordan-wright about 6 years ago
In the previous version, we introduced the {{.BaseURL}}
template variable that points to the root URL. This helps make things like pointing to static files easier. See #1189 for more details.
Turns out, this didn't work for email template validation, since we weren't checking for all possible template tags. I'm sorry for the inconvenience!
The good news is that this is fixed now, and should have only been an issue if you were trying to use the new {{.BaseURL}}
tag. Since this was something I promised and it didn't work, I wanted to roll out a hotfix.
For all the full details in the latest release, check out the 0.7.0 release notes.
SHA1 Hash | Filename |
---|---|
9bf4cf0905b1d171092a726cae6eafc6c837d926 | gophish-v0.7.1-linux-32bit.zip |
77d8cf20e8b9591b3e8b8123653156d77a4ff0cb | gophish-v0.7.1-linux-64bit.zip |
0b88b6d42a7907cfbd1f18574c230158c280d766 | gophish-v0.7.1-osx-32bit.zip |
1a628ff9aa9a3f398d060e1644bc52a68aa102d4 | gophish-v0.7.1-osx-64bit.zip |
798486c3bdb6c261625bd2b0605b1311b3ab3c7d | gophish-v0.7.1-windows-32bit.zip |
1651769aa4f66401107efc04c035d96c8ef4e463 | gophish-v0.7.1-windows-64bit.zip |
Published by jordan-wright about 6 years ago
tl;dr - New version of Gophish. Lots of improvements. Binaries can be found above. π
We're excited to announce v0.7.0. This release is packed with improvements that make Gophish more powerful than ever.
When setting up a campaign, you want to know what the email and landing page looks like. Previously, to do this you would have to set up a separate campaign just for yourself, since there was no way of testing the full flow.
This isn't good.
In this Gophish release, we've fixed this! Now, when sending a test email from the campaign builder, clicking on the links will load up the landing page, showing you exactly what your recipients would see.
Before this release, emails for a Gophish campaign were all sent at the same time. This is great in some cases, but sometimes you want to spread out the emails over a period of minutes, hours, or even days.
Now you can!
In this release, we've added a new field called "Send Emails By". If you set this field, then Gophish will spread out the emails evenly between the campaign launch and this date.
No one likes looking through raw logs to see what kinds of devices are clicking on links. Now you don't have to!
In this release, we parse the user-agents for devices that click links or submit credentials, and we show that information in the campaign details:
As mentioned in #1057, we can do a better job of running friendly phishing simulations. The only approved use of Gophish is to run authorized phishing simulations, so we've added some features to make these campaigns more transparent.
Specifically, we've added:
contact_address
field to the config.json
. This field is inserted as an X-Gophish-Contact
header in outgoing emailsX-Mailer
header is set to gophish
for outgoing emailsrid
. This returns a JSON response containing the contact address and indicates that the email was generated by GophishThose are the big features, but that's certainly not everything! You can find a full changelog here.
To upgrade, simply download the release for your platform, extract into a folder, and copy (remember to copy, not move so that you have a backup) your existing gophish.db file into the new directory. Then, run the new gophish binary and you'll be good to go!
I want to also take a quick moment to say thank you to everyone. The community is what makes Gophish great. I'm so thankful to everyone who leaves questions, suggests features, and goes the extra mile to help others out.
Thank you all for everything you do!
Now, one more thing:
Have questions, comments, or feature ideas about Gophish? Let us know by filing an issue.
SHA1 Hash | Filename |
---|---|
63149165688d3ca989974e32b5716be7e87ed6b4 | gophish-v0.7.0-linux-32bit.zip |
f113435940626c3f13448ce8e12aafb3e347c504 | gophish-v0.7.0-linux-64bit.zip |
45736f416e475541ac214611f41c40fb967167dd | gophish-v0.7.0-osx-32bit.zip |
d9b3ac3a2cf11f53bd33196d0310167ffb43cd8a | gophish-v0.7.0-osx-64bit.zip |
98ad9756fa95d43af99b12f8d08423f71dc7fc14 | gophish-v0.7.0-windows-32bit.zip |
f069cc4f4c9c50e422923f205c34eb226a2ea550 | gophish-v0.7.0-windows-64bit.zip |
Old hashes (only valid if you downloaded the release immediately after it was published before I got a chance to bump the VERSION
file):
SHA1 Hash | Filename |
---|---|
dfddc8a8038fa612022bb22e823e2a51b343e261 | gophish-v0.7.0-linux-32bit.zip |
261efd81c727021dfa039fe081ff7941cd86f9ee | gophish-v0.7.0-linux-64bit.zip |
5ca9e90bc8c6ed0494ddb29deb907548859c5ab0 | gophish-v0.7.0-osx-32bit.zip |
c0ffcc5f06799c807b79c3b41cefa6785c853dd8 | gophish-v0.7.0-osx-64bit.zip |
fd12ebc44c964e8577f688405f6c01d470335d9f | gophish-v0.7.0-windows-32bit.zip |
8000eec9d77a3d6987aa57b7d61736717238c471 | gophish-v0.7.0-windows-64bit.zip |
Published by jordan-wright over 6 years ago
tl;dr - New version of Gophish. Lots of improvements. Binaries can be found above. π
We're excited to announce v0.6.0 of Gophish! This fix has a bunch of bug fixes (including a couple of low-severity security fixes) and a couple of new features.
The biggest new feature in this release is the ability for users to report phishing emails to Gophish and to have those reports displayed in the dashboard. We don't have email clients ready for this quite yet, so everything is just implemented on the server-side for now.
Huge thanks to @S0larflare for making this happen!
Here are just a few of the bugs fixed in this release:
And more!
To upgrade, simply download the release for your platform, extract into a folder, and copy (remember to copy, not move so that you have a backup) your existing gophish.db file into the new directory. Then, run the new gophish binary and you'll be good to go!
I want to also take a quick moment to say thank you to everyone. The community is what makes Gophish great. I'm so thankful to everyone who leaves questions, suggests features, and goes the extra mile to help others out.
Thank you all for everything you do!
Now, one more thing:
Have questions, comments, or feature ideas about Gophish? Let us know by filing an issue.
SHA1 Hash | Filename |
---|---|
301620234118f7d33a22beaebeb772f3211b1592 | gophish-v0.6.0-linux-32bit.zip |
6e6c621cab279f136f8d7b29b60b291b441e4bba | gophish-v0.6.0-linux-64bit.zip |
a87e2eeebc8d62b6905a9d7eb59c7b7b4d2291e9 | gophish-v0.6.0-osx-32bit.zip |
426def461471012f274dbeca01c37471934b723e | gophish-v0.6.0-windows-32bit.zip |
ed5ed65b9e0d1a98fb1034fd080d76e7da8f0273 | gophish-v0.6.0-windows-64bit.zip |
Published by jordan-wright over 6 years ago
tl;dr - New version of Gophish. Lots of improvements. Binaries can be found above. π
We're excited to announce v0.5.0 of Gophish! This release fixes all sorts of pesky bugs, and includes some big changes to the way emails are handled.
We've completely redone the way emails are sent by Gophish. In previous versions, we made a single pass at sending campaign emails. If anything went wrong, the rest of the emails would fail. As you can imagine, this isn't ideal.
We've rearchitected this process where Gophish now queues up emails and tries to send them, retrying as necessary. This is far more fault tolerant and reliable. You can refer to #878 for details.
This also has other benefits. For example, in previous versions of Gophish, if you launched a campaign immediately, it might still take up to a minute for emails to be sent. Now, they're sent as soon as the campaign is launched. No more waiting!
I've now fully automated the process of compiling and uploading Gophish binaries. This is huge because it means we can make Gophish releases much more quickly and reliably. I'll write up a blog post later with the details.
This is the first run using the new process, so let me know if you encounter any issues.
To upgrade, simply download the release for your platform, extract into a folder, and copy (remember to copy, not move so that you have a backup) your existing gophish.db file into the new directory. Then, run the new gophish binary and you'll be good to go!
Now, one more thing:
Have questions, comments, or feature ideas about Gophish? Let us know by filing an issue.
Details:
SHA1 Hash | Filename |
---|---|
49dea979cc829ea3c0750791aa22cb890bbfac72 | gophish-v0.5.0-linux-32bit.zip |
d3278c0d5e6cb382b137d2e3720ed30c0a03e8df | gophish-v0.5.0-linux-64bit.zip |
61cab355927c3f9907a94ca3c5346ff97d428d6a | gophish-v0.5.0-osx-32bit.zip |
437a2a6cbdbbe8523c41e6822791e6d3c6bd293f | gophish-v0.5.0-osx-64bit.zip |
eaf0d5358c0244c90ee454e10b174155ae96a90b | gophish-v0.5.0-windows-32bit.zip |
2f01937ecc6bc6ab007361424ecb03f61ff3ba5b | gophish-v0.5.0-windows-64bit.zip |
Published by jordan-wright about 7 years ago
tl;dr - New version of Gophish. Lots of improvements. Binaries can be found below. π
We're excited to announce v0.4.0 of Gophish! This release fixes all sorts of pesky bugs, gives 100% more donut charts and 100% fewer useless maps. Give it a shot! We think you'll really like it.
This release doesn't come with any completely new features but we still made big changes we think you'll like.
The target map is now an optional feature. We realized that most tests are internal and that even if it's an external test, the map simply takes up space. Now, you can re-enable it in the "Settings" page. (#747)
We've moved all charts from Chartist.js to Highcharts. Highcharts is a well established library that gives good performance and tons of great features. So, for example, now the campaign timeline is fully zoomable. π
Datetimes are now stored in UTC format in the database. So, the API will now return dates in UTC as opposed to the browser's local time zone. This gives us more consistency in the case where browser's and servers have different time zones when campaigns are scheduled. It's worth noting that we adjust the times on the frontend so that all campaigns and scheduling in the browser still show local time. We just convert everything to UTC for storage. (#316)
We changed the font size in the UI from 18px to 16px. This should give a bit more space and improve the look and feel. I guess this was a π small change.
We just launched the new version of our website at getgophish.com. This was created with hand crafted artisanal HTML, so be sure to check it out.
To upgrade, simply download the release for your platform, extract into a folder, and copy (remember to copy, not move so that you have a backup) your existing gophish.db file into the new directory. Then, run the new gophish binary and you'll be good to go!
Now, one more thing:
Have questions, comments, or feature ideas about Gophish? Let us know by filing an issue directly.
Details:
SHA1 Hash | Filename |
---|---|
0254e5b9a1febc34611271cc0b56e42c5b9d4bb1 | gophish-v0.4-darwin-32bit.zip |
80a6017a0080aaacf2ceb042a78e67e301bba623 | gophish-v0.4-darwin-64bit.zip |
4502fa44fe0a7ea0e9defcc49f33fe76fbf5bac4 | gophish-v0.4-linux-32bit.zip |
252f0f2d7712d83c3495734b6e74485f0f3f35d9 | gophish-v0.4-linux-64bit.zip |
db5324935450e5a8377c81d213c59937a594e551 | gophish-v0.4-windows-32bit.zip |
4d9082b97ca9fd36c8195a536f45197b07b37989 | gophish-v0.4-windows-64bit.zip |
Published by jordan-wright over 7 years ago
tl;dr - New version of Gophish. Tons of features. Binaries can be found below. π
We're excited to announce Gophish v0.3.0. This release is packed with updates, so we think you'll really enjoy it.
Here are just some of the new features in this release:
To make working with the API even easier, we've developed an official Python API client.. This will make it easier to orchestrate Gophish to create, launch, and manage campaigns.
Gophish has an incredible community. I wanted to make a spot in these release notes to call out some key contributions that helped make this release amazing:
All documentation is being moved to our Gitbooks repo here: https://www.gitbook.com/@gophish. Gitbooks allows us to easily manage our documentation and publish both online hosted docs, as well as downloadable PDFs.
We're still finalizing our docs, so please bear with us as we make sure everything is fully documented - especially related to API endpoints.
To upgrade, simply download the release for your platform, extract into a folder, and copy (remember to copy, not move so that you have a backup) your existing gophish.db
file into the new directory. Then, run the new gophish binary and you'll be good to go!
Now, one more thing:
Have questions, comments, or feature ideas about Gophish? Let us know by filing an issue directly.
Published by jordan-wright almost 8 years ago
Sorry for the wait. We promise it was worth it.
This release marks Gophish's 3 year anniversary. When I first set out to build Gophish, I wanted to create the best phishing framework possible. This release gets us one step closer to that goal.
We've been busy! Here are just some of the new features in this release:
gomail
sweetalert2
<a>
tags in imported emails to point to Gophish listenerIn addition to new features, we've also fixed a ton of bugs including:
Here are all issues we closed during this release.
There are a couple of important things to note moving forward:
I want to provide the best support possible for gophish. While I like the idea of email support, it's just not the right way to move forward with gophish for a few reasons.
Specifically, I want support cases to be transparent so that the community can work together to solve them. If I receive an email, it's completely subject to me remembering to respond to it when I can if I remember.
I also found that I receive a significant amount of duplicate questions via email. Responding to each of these takes up cycles that could otherwise be spent innovating on Gophish features.
That being said, feel free to send nice words about gophish to our email address, but from now on all support tickets will be required to go through our Github issues, where all of them have been and will continue to be responded to. π
You'll notice that this release no longer contains a PDF of our User Guide. I'm experimenting with different ways to open up documentation to changes from the community. Right now, I've moved nearly everything to our wiki, but will continue tracking down the right fit for the Gophish documentation.
Update 12/14 - All documentation is being moved to our Gitbooks repo here: https://www.gitbook.com/@gophish
To upgrade, simply download the release for your platform, extract into a folder, and copy (remember to copy, not move so that you have a backup) your existing gophish.db
file into the new directory. Then, run the new gophish binary and you'll be good to go!
Now, one more thing:
Have questions, comments, or feature ideas about gophish? Let us know by filing an issue directly, or contacting us through our support page.
Published by jordan-wright over 8 years ago
This is the second release of gophish, and we couldn't be more excited! In this release, you'll find insanely cool features, numerous bug (or feature) fixes, and more.
Here are just a few of the added features since our last release:
These features came in the form of over 15 pull requests, and 56 closed issues.
This release is awesome, and you should feel awesome for using it.
To upgrade, simply download the release for your platform, extract into a folder, and copy your existing gophish.db
file into the new directory. Then, run the new gophish binary and you'll be good to go!
Now, one more thing:
Have questions, comments, or feature ideas about gophish? Let us know by filing an issue directly, or contacting us through our support page.
Published by jordan-wright over 8 years ago
This release is the first public beta release of gophish. We are excited about all the awesome features this release brings, and are excited for you to give it a spin.
Here are just a few of the added features since the initial alpha pre-release:
These features came in the form of over 10 pull requests, and over 30 closed issues.
In addition to the added software features, we launched our public website! We will be updating the blog periodically with software updates as well as engineering notes. You can find our official release announcement here.
Have questions, comments, or feature ideas about gophish? Let us know by filing an issue directly, or contacting us through our support page.
Published by jordan-wright almost 9 years ago
This is the alpha release of gophish. It contains all the functionality needed to create and launch a realistic simulated phishing campaign and record the results.