Enterprise-grade open-source phishing campaign simulation and management framework.
King Phisher is a robust, open-source framework designed to simulate real-world phishing attacks for security testing and awareness training. Built on a client-server architecture, it allows multiple analysts to collaborate on a single campaign simultaneously. Technically, it utilizes a Python-based backend with a PostgreSQL database to manage state, while the client interface is built using GTK3. Its architecture is specifically optimized for high-volume delivery and granular tracking, including the ability to monitor email opens, link clicks, and credential submission in real-time. In the 2026 landscape, while many organizations have moved to SaaS-based awareness platforms, King Phisher remains a staple for Red Teams and advanced security researchers who require full control over their data, infrastructure, and bypass techniques without the restrictions often found in commercial platforms. It supports advanced features like SMS phishing (smishing), geographic location tracking via IP address, and deep integration with Jinja2 for dynamic email and web template rendering. Its extensible plugin architecture ensures that it can be adapted to modern MFA-bypass scenarios and complex social engineering workflows, maintaining its relevance as a top-tier tool for professional security assessments.
King Phisher is a robust, open-source framework designed to simulate real-world phishing attacks for security testing and awareness training.
Explore all tools that specialize in credential harvesting. This domain focus ensures King Phisher delivers optimized results for this specific requirement.
Server-client architecture allows multiple red team members to view and manage the same campaign in real-time.
Integrated web server automatically captures and logs data submitted via custom landing pages.
Automatically resolves target IP addresses to geographic locations during interaction.
Uses Jinja2 to dynamically inject target-specific data (names, departments) into emails and pages.
Includes support for sending phishing messages via SMS gateways.
Extensible architecture allowing for custom Python scripts to modify server or client behavior.
Integrated support for Let's Encrypt to provide valid HTTPS for landing pages.
Provision a Linux server (Ubuntu/Debian recommended) with at least 2GB RAM.
Clone the official King Phisher repository from GitHub.
Execute the 'install.sh' script to automate the installation of Python dependencies and PostgreSQL.
Configure the 'server_config.yml' file to define listening ports and database credentials.
Initialize the PostgreSQL database and start the King Phisher service.
Install the King Phisher client on the local machine (requires GTK3 support).
Establish a secure connection from the client to the server via the RPC port.
Create a new campaign and configure SMTP server settings for email delivery.
Design or import email and web templates using the Jinja2 engine.
Launch the campaign and monitor the real-time dashboard for target interactions.
All Set
Ready to go
Verified feedback from other users.
"Highly praised for its flexibility and open-source nature, though some users find the GTK3 client installation to be cumbersome on modern systems."
Post questions, share tips, and help other users.
SpyCloud uncovers hidden identity risks across user exposure in data breaches, malware infections, and phishing attacks, automatically remediating them to stop account takeover, ransomware, and fraud.
AI-powered vulnerability detection and risk assessment platform.
Human-led, AI-powered MDR that finds what matters, and filters out what doesn’t.
Recorded Future empowers organizations with intelligence to identify and neutralize threats before they impact their business.
The world’s most widely used open-source web application security scanner for automated DevSecOps and manual pentesting.
The industry-standard Python suite for deconstructing and analyzing malicious Microsoft Office documents.
