Frequently Asked Questions

Find answers to common questions about Phishing Club

Gophish alternative?

Yes, Phishing Club is a modern, enterprise-grade alternative to GoPhish. While GoPhish offers basic functionality as a free solution, Phishing Club provides advanced features designed for professional security teams and organizations requiring enhanced control and scalability.

Read more about how Gophish inspired us to create Phishing Club

Open source?

No, Phishing Club is not open source. It's a commercial product designed for professional use in security testing. This allows us to maintain high quality, provide professional support, and continuously develop new features.

System requirements?

The user guide has information about the minimum requirements and can be found here.

What is needed to use the software?

To run a phishing simulator you need:

  • A server to deploy and run campaigns from
  • SMTP server, own hosted or 3. party - dedicated IP recommended
  • IT / Development department that can create and execute campaigns

How is data stored?

All data is stored locally on your infrastructure. We don't have access to your data or usage statistics. The application uses a SQLite database with WAL mode storing campaign data, results, and configurations. Assets, attachments and certificates are raw on-desk.

Try before buying?

Yes, we offer a free trial period with full functionality. This allows you to thoroughly test the platform in your environment and ensure it meets your needs.

How does licensing work?

Licenses are sold on an annual basis and include all updates and support during the subscription period. Each license allows you to run up to 3 instances of Phishing Club, perfect for high-availability setups or development/staging environments.

Support?

Yes, got any issues or need help, write us a e-mail.

Can I import my existing templates?

Our template variables are compatible with GoPhish.

What delivery options are available?

Phishing Club supports multiple mail / message delivery methods:

  • SMTP server
  • API-based delivery
  • Send it yourself

Is there a limit on campaigns or recipients?

No, we set no artifical limits on anything, you will only be limited by technical limitations such as infrastructure, LetsEncrypt TLS limits and etc.

OPSEC & External Connectivity

Standard deployment performs license validation via outbound connection. For sensitive operations: use SOCKS proxy configuration or request a fully offline license with zero outbound connectivity requirements.

Offline licenses have custom enterprise pricing

SSO integration?

We support Entra-ID tenant integration for authentication.

Partnership Opportunities

We provide tailored licensing and support for security providers looking to offer phishing simulations to their clients. Contact us to discuss partner programs, white-labeling options, and volume pricing.

Questions?

Contact us directly and we'll be happy to help

Contact Us