Frequently Asked Questions

What is Phishing Club?

Phishing Club is a professional, self-hosted phishing simulation platform designed for organizations and security providers. Unlike cloud-based solutions, it runs entirely on your infrastructure, giving you complete control over sensitive data and unlimited scaling capabilities.

Is Phishing Club a GoPhish alternative?

Yes, Phishing Club is a modern, enterprise-grade alternative to GoPhish. While GoPhish offers basic functionality as a free solution, Phishing Club provides advanced features designed for professional security teams and organizations requiring enhanced control and scalability.

Read more about how GoPhish inspired us to create Phishing Club.

Can I try before buying?

Yes, we offer a free trial with full functionality. This allows you to thoroughly test the platform in your environment and ensure it meets your needs before making a purchase decision.

What are the system requirements?

Minimum requirements include 1 CPU core (64-bit), 1 GB RAM, and a Linux distribution. We recommend 2 CPU cores and 2 GB RAM for better performance. For detailed requirements, visit our user guide.

What do I need to run phishing simulations?

To run effective phishing simulations, you need:

• A server to deploy and run campaigns from
• SMTP server (self-hosted or third-party) - dedicated IP recommended
• IT/Development team that can create and execute campaigns
• Domain name for hosting phishing pages

What delivery options are available?

Phishing Club supports multiple delivery methods:

• SMTP server integration
• API-based delivery for custom workflows
• Self-managed delivery for manual distribution
• Webhook integrations for automation

How is data stored and protected?

All data is stored locally on your infrastructure. We never have access to your data or usage statistics. The application uses SQLite database with WAL mode for campaign data, results, and configurations. Assets, attachments, and certificates are stored as files on disk.

OPSEC & External connectivity concerns?

Standard deployment performs license validation via outbound connection. For sensitive operations, you can use SOCKS proxy configuration or request a fully offline license with zero outbound connectivity requirements.

Offline licenses have custom enterprise pricing

Does it support SSO integration?

Yes, we support Microsoft Entra ID (Azure AD) tenant integration for seamless authentication and user management within your organization.

How does licensing work?

Licenses are sold on an annual basis and include all updates and support during the subscription period. Each license allows you to run up to 3 instances of Phishing Club, perfect for high-availability setups or development/staging environments.

Are there limits on campaigns or recipients?

No, we don't impose artificial limits. You're only limited by technical constraints such as your infrastructure capacity, LetsEncrypt rate limits, and similar technical factors. Scale as much as your infrastructure allows.

Is Phishing Club open source?

No, Phishing Club is a commercial product designed for professional use in security testing. This allows us to maintain high quality, provide professional support, and continuously develop new features.

What support is available?

We provide email support for all license holders. Our team is responsive and knowledgeable about deployment, configuration, and troubleshooting issues.

Can I import existing templates?

Yes, our template variables are compatible with GoPhish, making migration straightforward. You can also import templates, pages, and assets using our import functionality.

Partnership opportunities for security providers?

We provide tailored licensing and support for security providers looking to offer phishing simulations to their clients. Contact us to discuss partner programs, white-labeling options, and volume pricing.

Do you support non-profit organizations?

Absolutely! We believe in supporting organizations that make a positive impact on society. Non-profit organizations working on causes we support may be eligible for a free edition of Phishing Club along with complimentary support.

If you represent a non-profit organization focused on education, healthcare, human rights, environmental protection, or other beneficial causes, we'd love to hear from you. Please reach out with details about your organization and mission.

How do I apply for the non-profit free edition?

To apply for our non-profit program, please email us at [email protected] with:

• Your organization's name and mission statement
• Official non-profit documentation or registration
• Description of how you plan to use Phishing Club
• Contact information for a primary representative

We review each application individually and aim to respond within 5 business days. Approved organizations receive a full-featured license and dedicated support.