Swordphish is a platform allowing to create and manage fake phishing campaigns. Identifying security contacts may be hard in a big structure, that's why we developed Swordphish and a button embedded in the mail client to help our users to report suspicious mail to security teams just with a simple click. This choice seriously improved our visibility on what our users are receiving, and we decided to release it to the community! Swordphish can be used to train people identifying suspicious mails, and it can help checking that people report correctly the mails to security teams. Installation Detailed installation instructions can be found in the documentation. Docker images Swordphish has a docker-compose script to get up and running quickly.
FEATURES
SIMILAR TOOLS
A data-mining and deep web asset search engine for breach analysis and prevention services.
A tool for quantitative risk analysis of Android applications using machine learning techniques.
A search engine for the Internet of Things (IoT) that discovers and monitors devices connected to the internet.
A Graphical Realism Framework for Industrial Control Simulation organized as 5 VirtualBox VMs for realistic ICS network simulation.
Tools and documentation for validating hardware security requirements on x86 platforms, including bootable USB key creation and platform configuration verification.
A tool for analyzing Android applications in local storage with various functionalities.
Semi-tethered jailbreak for iPhone 5s to iPhone X, running iOS 12.0 and up, using the 'checkm8' bootrom exploit.
An open-source project for dynamic analysis of Android applications using the Android Substrate framework.
Android vulnerability analysis system with efficient scanning and high accuracy.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.