Self-Hosted Phishing Platform

Data Privacy & Control

Complete Control Over Your Data

Your sensitive employee information stays on your servers. No vendor access, no compliance headaches, no surprises.

🛡️

Data Privacy

All campaign information, recipient details, and analytics remain on your infrastructure. Never worry about vendor breaches or sovereignty issues.

⚙️

Single Binary Deployment

Deploy with a single self-contained binary. No dependencies, no complex setup. Works with systemd for easy updates and maintenance.

🔒

Enterprise Security

IP allowlisting, TOTP multi-factor authentication, session management, and comprehensive audit logging. Built for security-conscious organizations.

💰

Predictable Costs

Free community edition with unlimited recipients and campaigns. No per-seat fees means you can scale without budget surprises.

Features

Professional Campaign Management

Create realistic attack sequences with up to 3 connected pages. Build sophisticated simulations that mirror actual threat patterns and test employee responses to complex social engineering attempts.

  • Chain multiple pages together for realistic user journeys
  • Template system with real-time preview
  • Dynamic QR code generation for mobile phishing
  • Custom tracking and analytics for each stage
Campaign management interface showing multi-page phishing scenario builder with connected pages and flow diagram

Advanced Code Editor

Create sophisticated phishing campaigns with our integrated code editor featuring real-time preview, syntax highlighting, and modular component system.

  • Real-time email and website preview
  • Syntax highlighting for HTML, CSS, and JavaScript
  • Modular template components for reusability
  • Variable insertion and dynamic content
Template builder screenshot

Enterprise Security Controls

Comprehensive security features designed for enterprise environments with strict compliance and access control requirements.

  • Multi-factor authentication for admin users
  • Single Sign-On (SSO) integration
  • IP allowlisting for admin and recipient access
  • Role-based access controls
Signin page with SSO functionality

Complete Campaign Lifecycle Management

Manage every aspect of your phishing campaigns from initial planning through completion and analysis with comprehensive tracking and automation.

  • Automated data anonymization and cleanup
  • Calendar scheduling and timeline visualization
  • Campaign status tracking and notifications
  • Historical campaign archive and reporting
Campaign management overview

Actionable Analytics

Go beyond basic click rates. Track repeat offenders, organizational trends, and campaign effectiveness to continuously improve your security awareness program.

  • Organization-wide activity dashboards
  • Repeat offender tracking and trends
  • Individual recipient journey analysis
  • Campaign comparison and performance metrics
Analytics dashboard showing charts and graphs of phishing campaign performance, repeat offender tracking, and organizational security metrics

Multi-Organization Management

Handle multiple clients on a single instance with complete isolation. Perfect for MSSPs and security service providers who need to deliver simulations at scale.

  • Isolated environments for each organization
  • Shared templates and resources across organizations
  • Individual and consolidated reporting
Multi-organization dashboard showing isolated client environments with shared resources and individual reporting panels

Enterprise Integration

Integrate with your existing infrastructure and authentication systems. Flexible deployment options that work seamlessly with your security stack.

  • Webhook notifications for campaign events
  • Entra ID and SSO integration
  • Custom SMTP and delivery configurations
  • REST API for automation and reporting
Integration options showing Phishing Club connecting to enterprise authentication systems and custom SMTP configurations

And Much More

This is just the beginning. Phishing Club includes dozens of additional capabilities designed for security professionals.

Email Operations

Advanced email handling with attachment support, custom headers, and tracking pixels

Domain Management

Automated TLS certificates, custom websites, and comprehensive asset management

Recipient Management

CSV import, group management, export functionality, and anonymization controls

Template System

Code editor with preview, variable support, and import capabilities

Export Features

Comprehensive data export capabilities for compliance and reporting requirements

Webhook Integrations

Real-time notifications and data synchronization with external systems

API Automation

Full REST API for integrating phishing campaigns into existing security workflows

GoPhish Compatibility

Import existing GoPhish templates and migrate campaigns seamlessly

Offline Licensing

Air-gapped deployment support with offline license validation

Professional Support

Dedicated support channels for enterprise customers and professional users

Ready to get started?

Get started with our free Community edition today

Free Community Edition Schedule Demo

✓ No credit card required • Full access to all capabilities • Setup in minutes