Professional/Commercial version of Phred - Defensive phishing simulation software for security awareness training.
Note: This is the Pro/Commercial version. For the base version, see LivingArchive-Phred.
Phred is a comprehensive platform for creating, managing, and analyzing phishing simulation campaigns. It implements the four core components of simulated phishing software: campaign management, template creation, execution/tracking, and reporting.
Phred enables security teams to:
- Create targeted phishing campaigns with realistic email templates
- Schedule and execute campaigns via SMTP with proper authentication
- Track user interactions (opens, clicks, submissions) in real-time
- Generate comprehensive reports with metrics and recommendations
- Provide immediate training to users who interact with simulated phishing emails
- **Campaign Management** (`services/campaign_manager.py`)
  - Campaign creation and configuration
  - Target selection and grouping
  - Scheduling and execution control
  - Status monitoring
- **SMTP Service** (`services/smtp_service.py`)
  - TLS/SSL encrypted email delivery
  - SMTP authentication
  - Bulk email sending with rate limiting
  - Connection testing
- **Template Engine** (`services/template_engine.py`)
  - Email template rendering with variable substitution
  - Landing page generation
  - HTML to text conversion
  - Template library management
- **Tracking Service** (`services/tracking_service.py`)
  - Email open tracking (1x1 pixel)
  - Link click tracking
  - Form submission tracking
  - Training completion tracking
  - Interaction logging
  - Multi-stage campaign progression integration
  - Reply-chain automation integration
- **Reporting Service** (`services/reporting_service.py`)
  - Campaign metrics calculation
  - Department/role breakdowns
  - Time-based analysis
  - Security recommendations
  - CSV export
- **Multi-Stage Campaign Manager** (`services/multi_stage_campaign_manager.py`)
  - Automated stage progression
  - Trigger-based campaign advancement
  - Time-delay and event-based triggers
  - Stage completion tracking
- **Reply Chain Manager** (`services/reply_chain_manager.py`)
  - Automated email response generation
  - AI-powered contextual replies
  - Reply chain history tracking
  - System response management
- **LLM Service** (`services/llm_service.py`)
  - AI-generated email content
  - Agent profile persona generation
  - Reply-chain response generation
  - Integration with EgoLlama Gateway

Models:

- `PhishingCampaign`: Campaign configuration and status (with LLM features)
- `PhishingTemplate`: Reusable email templates
- `CampaignTarget`: Individual targets (employees)
- `LandingPage`: Phishing landing pages
- `InteractionLog`: Detailed interaction tracking
- `CampaignReport`: Generated campaign reports
- `CampaignStage`: Multi-stage campaign stage definitions
- `TargetStageProgress`: Target progress through campaign stages
- `AgentProfile`: Sender profiles (with AI-generated metadata)
- `SimulatedResponse`: System-sent automated responses
- `EmailReply`: Target-sent email replies
```python
from datetime import datetime
from phred.services import PhredCampaignManager

manager = PhredCampaignManager()

# Create campaign
campaign = manager.create_campaign(
    name="Q4 Security Awareness Test",
    description="Testing employee awareness of phishing",
    sender_email="security@company.com",
    smtp_config={
        'host': 'smtp.company.com',
        'port': 587,
        'use_tls': True,
        'username': 'security@company.com',
        'password': 'encrypted_password'
    }
)

# Add targets
targets = [
    {'email': 'user1@company.com', 'first_name': 'John', 'department': 'IT'},
    {'email': 'user2@company.com', 'first_name': 'Jane', 'department': 'HR'},
]
manager.add_targets(campaign, targets)

# Schedule campaign
manager.schedule_campaign(campaign, start_time=datetime.now())
```

```python
from phred.services import PhredTemplateEngine
from phred.models import PhishingTemplate

template_engine = PhredTemplateEngine()

# `campaign` is the PhishingCampaign created above; load a saved template
# and one of the campaign's targets through the Django ORM
template = PhishingTemplate.objects.first()
target = campaign.targets.first()

# Render template with variables
rendered = template_engine.render_template(
    template=template,
    target=target,
    campaign_name=campaign.name,
    tracking_url=f"https://phred.company.com/track/{target.unique_identifier}",
    tracking_pixel_url=f"https://phred.company.com/pixel/{target.unique_identifier}"
)

# Generate landing page
landing_html = template_engine.create_landing_page_html(
    campaign_name=campaign.name,
    target=target,
    tracking_url=f"https://phred.company.com/submit/{target.unique_identifier}",
    training_redirect_url=f"https://phred.company.com/training/{target.unique_identifier}",
    collect_credentials=True
)
```

```python
from django.utils import timezone
from phred.services import (
    PhredCampaignManager, PhredSMTPService, PhredTemplateEngine, PhredTrackingService,
)

# `campaign` and `template` are the objects from the previous steps

# Execute campaign (recommended - handles everything automatically)
manager = PhredCampaignManager()
results = manager.execute_campaign(campaign, template=template)
print(f"Sent {results['emails_sent']} emails")

# Or send emails manually with DKIM support
template_engine = PhredTemplateEngine()
smtp = PhredSMTPService(
    smtp_host=campaign.smtp_host,
    smtp_port=campaign.smtp_port,
    smtp_username=campaign.smtp_username,
    smtp_password=campaign.smtp_password,
    use_tls=campaign.smtp_use_tls
)
for target in campaign.targets.all():
    rendered = template_engine.render_template(template, target, campaign.name)
    smtp.send_email(
        from_email=campaign.sender_email,
        to_email=target.email,
        subject=rendered['subject'],
        html_body=rendered['html_body'],
        text_body=rendered['text_body'],
        tracking_pixel_url=f"https://phred.company.com/pixel/{target.unique_identifier}",
        tracking_link_url=f"https://phred.company.com/track/{target.unique_identifier}",
        dkim_key=campaign.dkim_key,  # Optional: DKIM signing
        dkim_selector='default',
        dkim_domain=campaign.sender_email.split('@')[1]
    )
    target.email_sent = True
    target.sent_at = timezone.now()
    target.save()

# Track interactions (called from the HTTP endpoints; target_id, redirect_url,
# form_data and request are supplied by the Django view that serves them)
tracking = PhredTrackingService()
tracking.track_email_open(target_id, request)
tracking.track_link_click(target_id, redirect_url, request)
tracking.track_form_submission(target_id, form_data, request)
```

```python
from phred.services import PhredReportingService

reporting = PhredReportingService()

# Generate report
report = reporting.generate_campaign_report(campaign)

# Access metrics
print(f"Open Rate: {report.open_rate}%")
print(f"Click Rate: {report.click_rate}%")
print(f"Submission Rate: {report.submission_rate}%")

# Export to CSV
csv_data = reporting.export_report_csv(report)

# Get recommendations
recommendations = report.report_data.get('recommendations', [])
for rec in recommendations:
    print(rec)
```

- ✅ Multi-Stage Spear Phishing Campaigns: Automated multi-stage campaign progression with trigger-based stage advancement
- ✅ AI-Generated Sender Profiles: LLM-powered agent profile generation with realistic personas and writing styles
- ✅ Reply-Chain Automation: Automated AI-powered email responses for reply-chain phishing simulations
- ✅ LLM Threat Training: Enhanced training content for LLM-generated phishing threats
- ✅ Behavioral Metrics: Deep tracking including Time-to-Report (dwell time) and engagement metrics
- ✅ DKIM Email Signing: Full DKIM implementation with automatic email signing when DKIM keys are configured
- ✅ Advanced Link Tracking: Proper HTML parsing to replace all links while preserving original URLs
- ✅ Security Headers: X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and X-XSS-Protection on all responses
- ✅ Improved Rate Limiting: Per-email randomized delays (0.5-2 seconds) to avoid spam filters
- ✅ Campaign Execution Method: `execute_campaign()` method for automated campaign execution with full DKIM support
Phred supports proper email authentication mechanisms:
- SPF (Sender Policy Framework): Authorizes sending servers (configured via DNS)
- DKIM (DomainKeys Identified Mail): Digitally signs emails (implemented with dkimpy library)
- DMARC (Domain-based Message Authentication): Policy enforcement (configured via DNS)
DKIM Signing: When a DKIM private key is configured in the campaign, emails are automatically signed before sending. Install the dkimpy library with `pip install dkimpy`.
- Credentials are NOT stored: Form submissions are logged for tracking only, actual credentials are discarded
- Encrypted SMTP connections: TLS/SSL encryption for all email transmission
- Unique tracking identifiers: Each target has a unique, non-guessable identifier
- Secure landing pages: HTTPS-only landing pages with proper security headers
- Security headers: X-Frame-Options, X-Content-Type-Options, Referrer-Policy, X-XSS-Protection
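Added example (not Phred's own code) of how a tracking endpoint can honour two of the points above: issuing a non-guessable per-target identifier, and logging that a form was submitted while discarding the values themselves. `SENSITIVE_FIELDS`, the function names and the log-entry layout are assumptions.

```python
import secrets
from datetime import datetime, timezone
from typing import Dict, Optional

# Field names whose values must never be persisted, even in debug logs (assumed list;
# extend it to match the fields your landing page actually renders).
SENSITIVE_FIELDS = {"password", "passwd", "pass", "pin", "otp", "token", "mfa_code"}


def new_tracking_id(nbytes: int = 16) -> str:
    """Per-target identifier: 128 bits from the OS CSPRNG, URL-safe, and not
    derivable from the email address or a sequential database row id."""
    return secrets.token_urlsafe(nbytes)


def record_form_submission(target_id: str, form_data: Dict[str, str],
                           now: Optional[datetime] = None) -> Dict[str, object]:
    """Return the interaction-log entry for a landing-page submission.
    Only field names and whether a sensitive field was filled are kept; the
    submitted values are discarded and scrubbed from the caller's dict."""
    now = now or datetime.now(timezone.utc)
    fields = sorted(form_data)
    sensitive_filled = sorted(k for k in fields
                              if k.lower() in SENSITIVE_FIELDS and form_data[k])
    entry = {
        "target_id": target_id,
        "event": "form_submission",
        "timestamp": now.isoformat(),
        "fields_submitted": fields,
        "sensitive_fields_filled": sensitive_filled,
        "credentials_entered": bool(sensitive_filled),
    }
    # Best-effort scrub so the plaintext does not outlive this call inside the
    # request object; Python may still hold copies, so never log form_data itself.
    for k in fields:
        form_data[k] = ""
    return entry
```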
- Be authorized by the organization
- Target only employees with proper consent
- Discard all collected data immediately
- Redirect to training immediately after interaction
- Comply with local privacy regulations
- Open Rate: Percentage of emails opened
- Click Rate: Percentage of links clicked
- Submission Rate: Percentage of forms submitted (compromise rate)
- Training Completion Rate: Percentage of users who completed training
- Department/role breakdowns
- Time-based activity analysis
- Identification of vulnerable users
- Automated security recommendations
- CSV export for further analysis
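Added example, not Phred's own reporting code, showing how the rates above, a per-department breakdown, the Time-to-Report figure and rule-based recommendations can be derived from per-target interaction records. The record shape, the training-completion denominator and the recommendation thresholds are assumptions, and the sample campaign is constructed.

```python
from dataclasses import dataclass
from datetime import datetime
from statistics import median
from typing import Dict, List, Optional

@dataclass
class TargetRecord:  # constructed shape, not Phred's CampaignTarget model
    email: str
    department: str
    opened_at: Optional[datetime] = None
    clicked_at: Optional[datetime] = None
    submitted_at: Optional[datetime] = None
    reported_at: Optional[datetime] = None  # when the user reported the email
    training_completed: bool = False

def _pct(part: int, whole: int) -> float:
    return round(100.0 * part / whole, 1) if whole else 0.0
def rates(targets: List[TargetRecord]) -> Dict[str, float]:  # rates in % over one target set
    n = len(targets)
    return {"open_rate": _pct(sum(1 for t in targets if t.opened_at), n),
            "click_rate": _pct(sum(1 for t in targets if t.clicked_at), n),
            "submission_rate": _pct(sum(1 for t in targets if t.submitted_at), n),
            "report_rate": _pct(sum(1 for t in targets if t.reported_at), n)}
def campaign_metrics(sent_at: datetime, targets: List[TargetRecord]) -> Dict[str, object]:
    """Campaign rates, department breakdown, median time-to-report in minutes and
    rule-based recommendations; the thresholds below are illustrative assumptions."""
    overall = rates(targets)
    # Only users who interacted are sent to training, so they are the denominator (assumption).
    interacted = [t for t in targets if t.clicked_at or t.submitted_at]
    overall["training_completion_rate"] = _pct(
        sum(1 for t in interacted if t.training_completed), len(interacted))
    dwell = [(t.reported_at - sent_at).total_seconds() / 60 for t in targets if t.reported_at]
    by_dept: Dict[str, List[TargetRecord]] = {}
    for t in targets:
        by_dept.setdefault(t.department, []).append(t)
    recs = []
    if overall["submission_rate"] > 10.0:
        recs.append("Submission rate above 10%: schedule credential-hygiene training.")
    if overall["report_rate"] < 50.0:
        recs.append("Under half of targets reported the email: promote the report button.")
    return {"overall": overall, "by_department": {d: rates(r) for d, r in by_dept.items()},
            "median_minutes_to_report": median(dwell) if dwell else None,
            "recommendations": recs}
SAMPLE_SENT_AT = datetime(2024, 1, 15, 9, 0)  # constructed sample campaign, sent 09:00
def sample_targets() -> List[TargetRecord]:
    t = lambda h, m: datetime(2024, 1, 15, h, m)
    return [TargetRecord("alice@example.com", "IT", t(9, 5), t(9, 6), t(9, 7), None, True),
            TargetRecord("bob@example.com", "IT", t(9, 10), reported_at=t(9, 12)),
            TargetRecord("carol@example.com", "HR", t(9, 20), t(9, 21)),
            TargetRecord("dave@example.com", "HR")]
```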
- Django 3.2+
- PostgreSQL (recommended) or SQLite
- Python 3.8+
- Install dependencies:

  ```bash
  pip install -r requirements.txt
  ```

  Or install manually:

  ```bash
  pip install Django dkimpy
  ```

- Add to Django settings:

  ```python
  INSTALLED_APPS = [
      # ... other apps
      'phred',
  ]
  ```

- Run migrations:

  ```bash
  python manage.py makemigrations phred
  python manage.py migrate
  ```

- Configure SMTP settings (in your campaign or settings):

  ```python
  SMTP_CONFIG = {
      'host': 'smtp.company.com',
      'port': 587,
      'use_tls': True,
      'username': 'security@company.com',
      'password': 'your_password'
  }
  ```

- Configure DKIM (optional but recommended):

  Add your DKIM private key to the campaign:

  ```python
  campaign.dkim_key = """-----BEGIN RSA PRIVATE KEY-----
  ...your private key...
  -----END RSA PRIVATE KEY-----"""
  campaign.save()
  ```

Email templates support the following variables:

- `{{target_name}}` - Full name of target
- `{{target_first_name}}` - First name
- `{{target_last_name}}` - Last name
- `{{target_email}}` - Email address
- `{{company_name}}` - Company name
- `{{tracking_url}}` - URL for link click tracking
- `{{tracking_pixel}}` - URL for email open tracking
- `{{campaign_name}}` - Campaign name
- `{{current_date}}` - Current date (formatted)
- `{{current_time}}` - Current time (formatted)
Phred can integrate with the EgoLlama ecosystem:
- Erika: Email processing and analysis
- Sabrina: Security testing coordination
- PinkiePie: AI-powered campaign optimization
```text
Subject: Action Required: New HR Policy Update

Dear {{target_first_name}},

We're updating our HR policies and need you to review the new document.

[Click here to review] {{tracking_url}}

Thank you,
HR Department
```

```text
Subject: Your Password Will Expire Soon

Hi {{target_name}},

Your password will expire in 3 days. Please update it now to avoid account lockout.

[Update Password] {{tracking_url}}

IT Support
```
This is part of the EgoLlama ecosystem. Contributions should follow the same patterns as other security personalities (Sabrina, Koga, etc.).
This software is licensed under a Commercial License. See LICENSE for details.
Non-Commercial Use: Free for personal, non-commercial use only.
Commercial Use: Requires a valid commercial license. Contact charlesmcgowen@gmail.com for licensing information.
This software is for authorized security awareness training only. Users are responsible for:
- Obtaining proper authorization before running campaigns
- Complying with all applicable laws and regulations
- Protecting user privacy and data
- Using the software ethically and responsibly
Phred - Making security awareness training effective and measurable.