Django App for running phishing campaigns (for staff security awareness training).
Trawler is a django app designed to help audit a group of people or organization in terms of phishing awareness.
When used as directed, you can launch your own phaux-phishing campaign and track the members of your organization that actually follow the link or load the images (either by default or by choice depending on how their mail client is configured).
This software was largely inspired by a presentation given by Lance Spitzner in which he described his approach to phishing awareness.
For more detail: http://django-trawler.readthedocs.org/
If you’re familiar with django apps, this process will be familiar. Install using your choice of pip or easy_install:
$ pip install django-trawler or ... $ easy_install django-trawler
In your project settings module:
- Add trawler and django.contrib.admin to INSTALLED_APPS.
- Ensure your mail settings are appropriate (the app needs to send mail).
- Ensure you set the domain for your server (django Sites framework) so admin links point to the right place.
- Include trawler.urls in your urlconf.
- MAKE ABSOLUTELY SURE DEBUG = False before launching a campaign (or your targets will see nice django 404 pages).