Gophish - is an open-source phishing toolkit designed for businesses and penetration testers. It provides the ability to quickly and easily setup and execute phishing engagements and security awareness training.
Here are some example snippets to help you get started creating a container.
docker create \
--name=gophish \
-p 443:443 \
-p 3333:3333 \
-v <path to data>:/data \
--restart unless-stopped \
warhorse/gophish
Compatible with docker-compose v2 schemas.
---
version: "2"
services:
gophish:
image: warhorse/gophish
container_name: gophish
environment:
ADMIN_USE_TLS: "false"
PHISH_USE_TLS: "false"
DB_FILE_PATH: "/data/gophish.db"
volumes:
- <path to data>:/data
- "/etc/localtime:/etc/localtime:ro"
ports:
- 443:443
- 3333:3333
restart: unless-stopped
Container images are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate <external>:<internal> respectively. For example, -p 8080:80 would expose port 80 from inside the container to be accessible from the host's IP on port 8080 outside the container.
| Parameter | Function |
|---|---|
-p 3333 |
The port for HTTP traffic |
-p 443 |
The port for HTTPS traffic |
-v /data |
gophish configs |
Access the webui at <your-ip>:3333, for more information check out gophish.
- Shell access whilst the container is running:
docker exec -it gophish /bin/bash - To monitor the logs of the container in realtime:
docker logs -f gophish
If you want to make local modifications to these images for development purposes or just to customize the logic:
git clone https://github.com/warhorse/docker-gophish.git
cd docker-gophish
docker build \
--no-cache \
--pull \
-t warhorse/gophish:latest .
- 04.06.21: - First Push