A containerized web application designed to support controlled phishing simulations and user behavior research. The platform delivers realistic phishing scenarios, captures user interaction metrics, enables customizable content, and provides an environment suitable for academic or organizational studies.
- Realistic phishing landing pages served via PHP.
- Customizable scenarios with editable images, text, and branding.
- Docker-based deployment for consistent and reproducible environments.
- Static assets (icons, logos, mock attachments) supporting a variety of phishing themes.
- Simple folder structure for quick extension or adaptation.
phishing-study/
│── docker-compose.yml # Container orchestration
│── dockerfile # PHP/Apache environment
│── README.md # Original readme
│── htdocs/ # Webroot served by Apache
│ ├── index.php # Main entry point
│ ├── img/ # Image assets used by the scenarios
│ ├── css/ # Stylesheets (if present)
│ ├── js/ # JavaScript (if present)
│ └── ...
- PHP 7+/8+ (via Apache)
- Elixir (as included in the Docker build environment)
- Docker & Docker Compose
- HTML/CSS/JS frontend
- Docker
- Docker Compose
git clone <your-private-repo-url>
cd phishing-study
docker compose --profile dev up --build
The application will be available at:
http://localhost:8080
- Open the site in your browser.
- Provide study participants with the generated phishing link.
- Landing pages can be modified inside
htdocs/to simulate different phishing strategies. - Add or replace images in
htdocs/img/to customize branding.
- Update text and behavior in
index.phpor other PHP files. - Replace image assets in
htdocs/img/with organization-specific branding. - Add additional scenario pages (e.g.,
bank.php,o365.php, etc.).
To work without Docker:
- Place project files in any PHP-capable server (XAMPP, WAMP, Apache, Nginx+PHP-FPM).
- Point the document root to the
htdocs/folder.
TODO
TODO