Penetration Testing: Gophish Tutorial (Phishing Framework) 

This is the only course in you tube that teaches how to do real social engineering campaigns on remote network using Gophish...thank Bro and may your knowldge be increased

This course is so good. I followed from beginning to end and you did such a great job explaining every detail! Thank you so much!

I have recently been tasked with pentesting my coworkers and this tutorial has been a huge help. Thank you!

When you click on Quora, how does it go to the landing page? what part of the video is that? I am having issues with data capture

hi i was working with this tool for a while until stoped to work correctly i cant spoof anymore can i add you to talk about what i have bad in my sending profile?

Thanks for this bro. I am hosting my gophish server internally in my organization and using an internal IP address to access it and not a domain name. Could that be the reason why my campaigns do not redirect me to the landing page when I click the link on the phishing email just like on your video? Even after clcking the link, the dashboard only updates the number of emails sent and no click stats

Nice video man! I understood it from the third time but I finally get it :D cheers and keep up the good work

Wow free code camp is covering pentesting tools, awesomeness.

I'm not sure how to setup URL Correctly for Gophish Listening Server for Launch Campaign Can you elaborate on that?? or is it somewhere specific in the Video

@Sagar Bansal, you recorded this course on 13th Jan 2018, and released it on 17th June 2019, why so?

Am trying on how to install gophish on my digital ocean vps server but cannot .... Please can you show a video on this...

great tutorial being a python programmer I find penetration and such topic very interesting thank you so much for this tutorial ... in half way only i understood that its worth watching

I have successfully created and sent my first campaign but it doesn’t seem to load the requested landing page. I don’t know what I’m doing wrong. It just shows Apache 2 running . Can you reply me back?

hi , can you please tell me where is the referral link for digital ocean

I have a hosted a site and it is perfectly working fine but i used the certificate and key of that site in the config.json file as "phish_server" and update the certificate and key path. The site is working fine. I am not able to track the details in gophish dashboard. Could you suggest something ?

Tysm sir for sharing your knowledge

Great video! Could you also make a video on how to avoid spam filters? Thank you

On 18:24 in the video, whenever I use the CD command, it doesn't work for some reason.

Appreciate for the awareness.Thanks

Is paid VPS neccessary for external phishing attacks?

i have problem after luching with ./gophish, my ip refused to load i use azure vps and i have the port 80 open on the portal

Maybe the test email failed cause of the port. When I use 465, it works fine. That's if u enabled access for less secure apps

i am getting max connection attempts exceeded. Kindly let me know how to resolve this

is there another alternative for digital ocean droplet

Hello, how are you? I really need your help. I can't get gophish to count "submitted data". I've done campaigns for imported sites and also for handmade HTML on login and password. But the gophish does not identify credentials at all. What do you need to do in the code for gophish to collect this information?

Hi, did you have some icloud phishing panel for sale?

I keep getting the same error "max connection exceeded - unencrypted connection" even after following step by step this video..I dont understand why

My landing page keeps coming up with the gophish login when clicking a link from a test email. Does anyhbody know how to fix this?

im not able to connect to the phish page hosted on vps

Why gophish very slow when sending email?

I have set up a VPS droplet in Digital Ocean with a domain name (I got a free domain and it has been published) to launch the phishing campaign and I'm trying to obtain an SSL certificate for the domain using ZeroSSL. The domain verification always fails (domain verification using DNS (CNAME)). It shows the error " We were unable to verify your CNAME entry. Please check for errors on your side and try again after 5-10 minutes. " The Name, Address to point to, and TTL values for the new CNAME record which ZeroSSL asks me to add have been entered correctly as a new CNAME record in DigtalOcean but the verification test keeps failing. I have sent an email to ZeroSSL support but some annoying bot responded. Please help!

The ZeroSSL generation is slightly different now - you can verify via email, and it gives you three files - does it still work?

Excellent 👌

Hello sir please how can I get the email raw source code thank you

Hi digital ocean is not unblocking smtp 25 port, can you please help me in unblocking the port.

Thank you! STMP2GO doens't work thou

its showing password wrong at 7:58 for me. edit : password will provided by the system during the run time. default password is will not work !

I agree with others here, this is a very helpful and well-paced guide. And the only full one that I have found. I have a question though, regarding Digital Ocean now blocking the SMTP port by default: I have not contacted them yet, hoping to get some current comments about it before I do. I'm running on my usual motto of hope for the best, anticipate the worst. So if I get knocked back on my request, does anyone have a way of getting around the restriction? (and I'm open to any suggestions, like hosting it elsewhere, etc). I have the brief to do some penetration testing for a couple of small organisations that I support. THis was looking promising - till I hit this roadblock. Any suggestions would be greatly appreciated. Thanks.

Hey bro, I am a bit confused.... I dont understand how 6:29 became 6:39 ... where did the new files come from during your break? I would appreciate an explanation. Thanks

what would be a workaround if let's say one was unable to convince them into unblocking the SMTP

this is a nice tutorial, please can I get the windows version

Actual tutorial starts until minute 57:00

Hey bro please how can I reach you, I’m having issues with the ssl certificate. What’s your telegram channel?

That's great but what about call vicitum

Kindly do a Video on how to do penetrating test with Gophish using Windows.

Thankyou !

All your words were just flying above my head using a JetPack..... LOL...

I keep getting the "Cant execute binary file". Obviosly im new at this. Anything I can do? gophish: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, ... , not stripped Linux usrv 5.8.0-1034-oracle #35~20.04.2-Ubuntu SMP ... aarch64 aarch64 aarch64 GNU/Linux PS. I already executed "chmod u+x" on it. Gophish v0.11.0

Thank you! Really good video, specially that you teach how configure domain and ssl (free) like in a real world test. I didn't do it in digitalocean but aws, but everything was almost the same. It will be great if you make a video of how to configure the server to send emails also (including the reverse dns)

who can put me through gophish because mine keeps saying wrong password. i am using wonders

Gophish laggy why?

your content is very nice but it would be better if you add automatic translation subtitle.

Congrats by your video

My emails are landing into the spam category :(

🙋 Hello guys! But is it legit to use gmail or outlook to send phishing email using this gophish in a company?

This Is the real phishing 😍

Sorry, please I need help My DNS is not going through but my IP address does

Hi all, great video, i'm having issues with running the gophish server after loading the certificates getting the message " level=fatal msg="tls: failed to parse private key" Anyone got any ideas or can help?

I'm unable to get DigitalOcean to unblock my smtp server. I need help with that please

Amazing as always! Sagar Sir 🔥 😎

Sagar is always the best Please do course on automatic security by rest API tutorial it may be helpful for many people

when i enter user name (admin) but the password (gophish) it tells me wrong password pls help me

Hi, thank's for your video it's very helpful to me ! I'm doing a phishing campaign with my job and I need to sent 400/500 mails someone have a solution ? cause outlook gmail ... are limited and I can't sent more than 10 mails there is a solution except buy a domain and configure an smtp server ? Thanks :)

Timestamps?

how to register free domain in 2020 june (freenom not working)

Hello, does anyone know why the folder wont show? After I unzipped the download on the server, and press ls I dont see the folder, but I do see the zipped file. I don't understand this. Please Help!!

all this to just install the it

Gophish default password is not working

WoW!! that is really helpful!! Thank you!!!!!! u rocked it!1

my mails are ending in spam help me out guys

Hey! My VPS from Digital Ocean just got disconnected from the network. They say that it could have bem used for spam or DDOS. How can we prevent this from happening?

সুন্দর

Great sagar

./gophish -permission denied

Actual phishing tutorial starts at ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-S6S5JF6Gou0.html. Irma gerd.

I wish you are using windows

echo > [file you want to empty]. Next time.

No contact address has been configured

50:00

another thing, stop making questions on why u cant execute this and that, and how unzip the file, etc etc. first learn how to use a linux distro, learn how to use the file system, user permissions, google search and you will easily find the answers. you all want to run before knowing how to walk..

Make video on Android development please

this is a clickbait title xD

Not much g9od

u r wasting most of the time

at 38:58, we're so impatient.

./2023>July

whats wrong with your accent bro

Waste of time. Speak coherently

very bad and unnecessary accent. seems there is no script, very unplanned or not properly executed

Go learn first you wasted time

i got this after unzipping .. well i am using parrot os .. ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=ce2b024de4886db5f77a4b8a437385d17892a60a, for GNU/Linux 3.2.0, with debug_info, not stripped