Security Awareness Blog

Phishing Your Own Organization

One of the things we have discussed in the past, especially on security awareness metrics, is assessing your own organization with the same attacks bad guys use, such as Phishing attacks. There are commercial solutions that allow you to do internal Phishing assessments, including Core IMPACT, Wombat and Phishme. However to date there has not been any open source solution you can try/develop yourself. Until now. Owen Nelson has released an open source tool, specifically a django app called Trawler. The tool is designed to allow you to create and track your own internal Phishing campaigns. Trawler is still in Alpha stage and could use some community love. If this is something you might be interested in, please let Owen know.