Red-Fox is a heavily modified fork engineered for modern red teaming and large-scale enterprise simulations. Built upon a proven phishing framework foundation, this version addresses the limitations of traditional approaches by introducing capabilities tailored for contemporary security assessment needs.
Red-Fox extends beyond conventional phishing simulation tools to support the full spectrum of modern red team operations. The platform is designed for security professionals conducting enterprise-wide assessments, penetration tests, and security awareness programs at scale.
-
Modern Red Teaming — Purpose-built for professional red team engagements, supporting sophisticated campaign design, execution, and reporting workflows required in enterprise environments.
-
Large-Scale Enterprise Simulations — Engineered to handle extensive user populations and complex organizational structures, enabling security teams to run comprehensive phishing simulations across entire enterprises.
-
Mobile-Centric Threat Support — Addresses the growing attack surface of mobile devices. Red-Fox introduces support for mobile-focused threat scenarios, reflecting the reality that modern users are increasingly targeted through smartphones and tablets.
-
Automated User Synchronization — Eliminates manual user management overhead. The platform supports automated synchronization with external identity sources and learning management systems (e.g., Moodle integration), keeping target groups up to date and reducing operational friction during large-scale campaigns.
Installation is straightforward: download and extract the archive containing the release for your system, then run the binary. Red-Fox provides releases for Windows, macOS, and Linux.
Note: Red-Fox requires Go v1.10 or above.
To build from source:
go install github.com/red-fox/red-fox@latest
cd <project-source-directory>
go buildA binary named redfox (or redfox.exe on Windows) will be produced in the current directory.
You can also run Red-Fox via Docker. See the project repository for container images and usage instructions.
After running the Red-Fox binary, open a browser to https://localhost:3333 and log in with the default credentials displayed in the log output, for example:
level=info msg="Please login with the username admin and the password <generated-password>"
Documentation and usage guides are available in the project repository. For issues or feature requests, please open an issue in the project tracker.
Red-Fox - Phishing Simulation Framework for Red Teaming
The MIT License (MIT)
Copyright (c) 2013 - 2020 Jordan Wright (Original GoPhish)
Copyright (c) Red-Fox Contributors
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.