(Last updated 14 June 2020)
A curated list of free and paid phishing simulation tools.
[FREE] – GoPhish
An Open-Source Phishing Framework, written in Go
[Bundled/PAID] – Microsoft Office 365 Attack Simulation – ATP Plan 2
Microsoft Office 365’s phishing simulation tool. Included in Office 365 ATP plan 2 or an Office 365 E5 license.
[FREE] – Infosec IQ
A free (after registering) phishing simulation service provided by the Infosec Institute.
[FREE (limited) / COMMERCIAL] – LUCY
The free version provides some functionality but in order to unlock all features a paid upgrade is required.
[COMMERCIAL] – ProofPoint ThreatSim (aka Wombat)
The original wombat security phishing tool, now purchased, rebranded, and improved by ProofPoint
[COMMERCIAL] – Cofense PhishMe
Well known PhishMe, now under the Cofense umbrella.
[COMMERCIAL] – KnowBe4
Regular and reply phish testing.