Setting Up GoPhish on AWS Marketplace: Step-by-Step Guide

Introduction

Hailbytes offers an exciting tool known as GoPhish to assist businesses in testing their email security systems. GoPhish is a security assessment tool designed for phishing campaigns that organizations can use to train their employees to recognize and resist such attacks. This blog post will guide you through how to find GoPhish on the AWS Marketplace, subscribe to the offer, launch an instance, and connect to the admin console to start using this excellent tool.

How to Find and Subscribe to GoPhish on AWS Marketplace

The first step in setting up GoPhish is to find it on the AWS Marketplace. To do so, follow these steps:

1. Go to AWS Marketplace and search for “GoPhish” in the search bar.
2. Look for the listing from Hailbytes, which should appear as the first result.
3. Click on the “Continue to Subscribe” button to accept the offer. You can choose to subscribe hourly for $0.50 per hour or go for an annual contract and save 18%.

Once successfully subscribed to the software, you can configure it from the configuration tab. You can leave most of the settings as they are, or you can change the region to a data center closer to you or where you’ll be running your simulations.

https://youtu.be/3FHVc0HViyg

How to Launch Your GoPhish Instance

After completing the subscription process and configuration, it’s time to launch your GoPhish instance by following these steps:

1. Click on the Launch from Website button on the subscription success page.
2. Ensure that you have a default VPC that has DNS host names assignment and a subnet that has IPv4 assignment. If you don’t, you’ll need to create them.
3. Once you have a default VPC, edit VPC settings and enable DNS host names.
4. Create a subnet to associate with the VPC. Ensure that you enable the auto-assignment of public IPv4 addresses in the subnet settings.
5. Create an internet gateway for your VPC, attach it to the VPC, and add a route to the internet gateway in the route table.
6. Create a new security group based on the seller settings and save it.
7. Change to a key pair you’re happy using or generate a new key pair.
8. Once you have completed these steps, you can launch your instance.

How to Connect to Your GoPhish Instance

To connect to your GoPhish instance, follow these steps:

1. Log in to your AWS account and go to the EC2 dashboard.
2. Click on Instances and look for your new GoPhish instance.
3. Copy your instance ID, which is under the Instance ID column.
4. Check that your instance is running correctly by going to the Status Checks tab and verifying that it has passed the two system status checks.
5. Open a terminal and connect to the instance by running “ssh -i ‘path/to/your/keypair.pem’ ubuntu@instance-id” command.
6. Now you can access your admin console by entering your instance’s public IP address into your browser.

Setting up your own SMTP server with Amazon SES

If you don’t have your own SMTP server, you can use Amazon SES as your SMTP server. SES is a highly scalable and cost-effective email sending service that can be used to send transactional and marketing emails. SES can also be used as an SMTP server for Go Phish.

To set up SES, you’ll need to create an SES account and verify your email address or domain. Once you’ve done that, you can use the SMTP settings we outlined above to configure your Go Phish instance to use SES as your SMTP server.

SMTP settings

Once you’ve set up your instance and accessed the admin console, you’ll likely want to configure your SMTP settings. This will allow you to send emails from your Go Phish instance. To do this, navigate to the “Sending Profiles” tab in the admin console.

In the sending profiles section, you can enter your SMTP server details, including the hostname or IP address of your SMTP server, the port number, and the authentication method. If you’re using Amazon SES as your SMTP server, you can use the following settings:

• Hostname: email-smtp.us-west-2.amazonaws.com (replace us-west-2 with the region where you’ve set up your SES account)
• Port: 587
• Authentication method: Login
• Username: your SES SMTP username
• Password: your SES SMTP password

To test your SMTP settings, you can send a test email to a specified address. This will ensure that your settings are correct and that you can successfully send emails from your instance.

Removing email sending restrictions

By default, EC2 instances have restrictions on outgoing emails to prevent spam. However, these restrictions can be a problem if you’re using your instance for legitimate email sending, such as with Go Phish.

To remove these restrictions, you’ll need to complete a few steps. First, you’ll need to request to have your account removed from the “Amazon EC2 sending limits” list. This list limits the number of emails that can be sent from your instance per day.

Next, you’ll need to configure your instance to use a verified email address or domain in the “From” field of your emails. This can be done in the “Email Templates” section of the admin console. By using a verified email address or domain, you’ll ensure that your emails are more likely to be delivered to your recipients’ inboxes.

Conclusion

In this article, we covered the basics of setting up Go Phish on AWS Marketplace. We discussed how to find and subscribe to the Go Phish offer, how to launch your instance, how to access the EC2 dashboard to check your instance’s health, and how to connect to the admin console.

We also covered common questions around sending emails, including how to update your SMTP settings, remove email sending restrictions, and set up your own SMTP server with Amazon SES.

With this information, you should be able to successfully set up and configure Go Phish on AWS Marketplace, and begin running phishing simulations to test and improve your organization’s security.

Deploy GoPhish Phishing Platform on Ubuntu 18.04 into AWS