Getting Started with GoPhish Cloud After Deployment
Last updated April 8, 2026
You’ve deployed GoPhish Cloud from the Azure Marketplace. This guide walks you through your first login, setting up a sending profile, creating your first campaign, and reviewing results.
1. Finding Your Initial Login Credentials
GoPhish Cloud generates a unique admin password during first boot. The credentials are printed to the VM’s console output.
Azure: In the Azure Portal, navigate to your VM and select Help > Boot diagnostics > Serial log. Search for the login credentials in the output.
Tip: Copy the credentials exactly as shown. They are case-sensitive and may include special characters.
2. Accessing the Web UI
GoPhish Cloud serves its admin interface over HTTPS on port 3333.
- Open your browser and go to https://<your-vm-public-ip>:3333.
- You will see a certificate warning because the instance uses a self-signed TLS certificate. Accept the warning to proceed.
- You should see the GoPhish login page.
If the login page doesn’t load, check the Troubleshooting section below.
3. First Login and Password Change
- Enter the username and password from the console output.
- Navigate to Settings and change your password immediately. Choose a strong password and store it in a password manager.
- Optionally update the Admin URL and Phishing URL to match your domain names.
4. Setting Up a Sending Profile
A sending profile tells GoPhish how to send emails. You need at least one before launching a campaign.
- Go to Sending Profiles in the sidebar.
- Click New Profile.
- Fill in:
- Name — a label for this profile (e.g., “Corporate SMTP”).
- From — the sender address (e.g., it-support@yourdomain.com).
- Host — your SMTP server and port (e.g., smtp.office365.com:587).
- Username / Password — SMTP authentication credentials.
- Click Send Test Email to verify the configuration.
- Click Save Profile.
5. Creating a Landing Page
Landing pages are shown to users who click phishing links.
- Go to Landing Pages and click New Page.
- You can Import Site to clone an existing login page or build one from scratch using the HTML editor.
- Check Capture Submitted Data if you want to record what users type.
- Check Capture Passwords only if your organization’s policy permits it.
- Set a Redirect URL to send users to an awareness training page after they submit the form.
6. Launching Your First Campaign
- Go to Campaigns and click New Campaign.
- Fill in the campaign details:
- Name — a descriptive name for reporting.
- Email Template — select or create a phishing email template.
- Landing Page — choose the page you created.
- Sending Profile — select your SMTP profile.
- URL — the phishing URL users will see in the email.
- Groups — select target user groups (create one first under Users & Groups).
- Click Launch Campaign.
7. Reviewing Results
The campaign dashboard updates in real time. You can track:
- Emails Sent — total emails dispatched.
- Emails Opened — recipients who opened the email (via tracking pixel).
- Links Clicked — recipients who clicked the phishing link.
- Data Submitted — recipients who entered data on the landing page.
- Emails Reported — recipients who reported the email as phishing (if configured).
Export results as CSV for reporting to stakeholders.
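The dashboard counters above can be recomputed from the exported CSV for a stakeholder report. This is an added example, not part of the original guide or of GoPhish itself; it assumes the export has `status` and `reported` columns and that `status` holds the furthest stage each recipient reached, using the status strings listed in the code, so check both against your own export.

```python
import csv
import io

# Funnel stages in order; assumed to match the status strings in the export.
STAGES = ["Email Sent", "Email Opened", "Clicked Link", "Submitted Data"]

# Constructed sample export (not real campaign data).
SAMPLE_CSV = """email,status,reported
alice@example.com,Submitted Data,false
bob@example.com,Clicked Link,true
carol@example.com,Email Opened,false
dave@example.com,Email Sent,true
erin@example.com,Email Sent,false
frank@example.com,Error,false
"""


def summarize(csv_text):
    """Return cumulative funnel counts and rates from a results export."""
    counts = {stage: 0 for stage in STAGES}
    reported = 0
    other = 0  # rows outside the funnel (e.g. Error, Sending, Scheduled)
    for row in csv.DictReader(io.StringIO(csv_text)):
        status = row["status"].strip()
        if row.get("reported", "").strip().lower() == "true":
            reported += 1
        if status not in STAGES:
            other += 1
            continue
        # The status is the furthest stage reached, so the row counts
        # toward that stage and every earlier one.
        for stage in STAGES[: STAGES.index(status) + 1]:
            counts[stage] += 1
    sent = counts["Email Sent"]
    rates = {s: round(counts[s] / sent, 3) if sent else 0.0 for s in STAGES}
    return {"counts": counts, "rates": rates, "reported": reported,
            "report_rate": round(reported / sent, 3) if sent else 0.0,
            "undelivered": other}


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_CSV).items():
        print(key, value)
```

Rates are relative to emails delivered, so failed or still-queued rows do not dilute the click and submit percentages.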
Troubleshooting
Can’t reach the login page
Your VM’s firewall rules may be blocking inbound traffic on port 3333.
- Azure: Check the Network Security Group (NSG) associated with your VM. Add an inbound rule for TCP port 3333 from your IP address.
Emails not sending
- Verify your SMTP credentials with Send Test Email in the sending profile.
- Check that your SMTP provider allows relay from the VM’s IP.
- For Office 365, ensure the account has SMTP AUTH enabled.
Campaign stuck at “Queued”
Check that all GoPhish containers are running: SSH into the VM and run docker ps. If any container is restarting, check logs with docker logs gophish.
Next Steps
Explore more tutorials at hailbytes.com/tutorials.
Still need help? Open a ticket at support.hailbytes.com.