Sptoolkit v0.7 code name Ghost Fish - A Simple Phishing Toolkit
The spt project ( sptoolkit ) is an open source phishing education toolkit that aims to help in securing the mind as opposed to securing computers. A simple, targeted link is all it takes to bypass the most advanced security protections. The link is clicked, the deed is done.
spt ( sptoolkit )was developed from the ground up to provide a simple and easy to use framework to identify your weakest links so that you can patch the human vulnerability. If the spt project sounds interesting to you, please consider downloading it for evaluation in your own organization. Feedback is welcomed and always appreciated.
Basic reuirements for sptoolkit
- Apache,
- PHP
- MySQL
Feature list of sptoolkit
Download sptoolkit
- Vast improvements in the editing functionality for templates and education packages. Major changes include: two different editors to choose from (the oroginal spt text editor and TinyMCE), copy templates or education to new version and then customize them.
- Added education completion tracking, now you can determine if your targets completed the assigned education in a campaign.
- Support for the Google and TinyURL URL shortener services. Now your phishing emails can have shortened URLs, making them harder to detect.
- Support for sending SMTP using SSL secured connections.
- Enhancements to the viewing of campiang information including SMTP relay used and destination URL used.
- Initial support for using spt in SSL/TLS secured installations, code updates to prevent insecure content warnings.
- All forms now generate inline errors with entered value retention, allowing easy correction of incorrect or missing items without requiring all information to be entered again.
- Email tracking times are now more accurate when viewing campaign information.
- Most items in the Quick Start module now feature links allowing you to quickly access the desired location in the spt UI.
- Enhancements to the browser detection script for more information on what you need vs. what you have.
- Many security and usability issues fixed.
- Additional improvements in authentication and session management security.
Change log and version release history
Version 0.7, code name Ghost Fish. Released August 13, 2012
- Vast improvements in the editing functionality for templates and education packages. Major changes include: two different editors to choose from (the oroginal spt text editor and TinyMCE), copy templates or education to new version and then customize them.
- Added education completion tracking, now you can determine if your targets completed the assigned education in a campaign.
- Support for the Google and TinyURL URL shortener services. Now your phishing emails can have shortened URLs, making them harder to detect.
- Support for sending SMTP using SSL secured connections.
- Enhancements to the viewing of campiang information including SMTP relay used and destination URL used.
- Initial support for using spt in SSL/TLS secured installations, code updates to prevent insecure content warnings.
- All forms now generate inline errors with entered value retention, allowing easy correction of incorrect or missing items without requiring all information to be entered again.
- Email tracking times are now more accurate when viewing campaign information.
- Most items in the Quick Start module now feature links allowing you to quickly access the desired location in the spt UI.
- Enhancements to the browser detection script for more information on what you need vs. what you have.
- Many security and usability issues fixed.
- Additional improvements in authentication and session management security.