{"id":17006029,"url":"https://github.com/aress31/phishstat","last_synced_at":"2026-03-07T02:03:19.882Z","repository":{"id":62414220,"uuid":"116267131","full_name":"aress31/phishstat","owner":"aress31","description":"Generate various type of statistics from phishing engagement results.","archived":false,"fork":false,"pushed_at":"2019-11-22T08:15:41.000Z","size":654,"stargazers_count":6,"open_issues_count":0,"forks_count":3,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-09-12T01:17:06.070Z","etag":null,"topics":["pentest","phishing","reporting","statistics","xlsx"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/aress31.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null},"funding":{"github":"aress31","patreon":null,"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"custom":null}},"created_at":"2018-01-04T14:08:31.000Z","updated_at":"2024-08-12T19:35:15.000Z","dependencies_parsed_at":"2022-11-01T14:48:31.693Z","dependency_job_id":null,"html_url":"https://github.com/aress31/phishstat","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/aress31/phishstat","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aress31%2Fphishstat","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aress31%2Fphishstat/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aress31%2Fphishstat/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aress31%2Fphishstat/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/aress31","download_url":"https://codeload.github.com/aress31/phishstat/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aress31%2Fphishstat/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30205893,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-06T19:07:06.838Z","status":"online","status_checked_at":"2026-03-07T02:00:06.765Z","response_time":53,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["pentest","phishing","reporting","statistics","xlsx"],"created_at":"2024-10-14T05:04:49.918Z","updated_at":"2026-03-07T02:03:19.851Z","avatar_url":"https://github.com/aress31.png","language":"Python","funding_links":["https://github.com/sponsors/aress31"],"categories":[],"sub_categories":[],"readme":"![phishstat](images/phishstat.png)\n# phishstat\n[![Language](https://img.shields.io/badge/Lang-Python-blue.svg)](https://www.python.org)\n[![License](https://img.shields.io/badge/License-Apache%202.0-red.svg)](https://opensource.org/licenses/Apache-2.0)\n\n## Automating the generation of statistics obtained from Phishing engagements.\nThis script structures the results obtained from Phishing engagements into a MySQL database and generates different types of statistics.\n\nThe database model used is as follows:\n* **Employee**: Holds information about the targetted `Employee` \n  * `client`\n  * `email`\n  * `role`\n\n* **Link**: Intermediate table linking an `Employee` to a `Payload`\n  * `ref`\n  * `email`\n\n* **Payload**: Holds information about the delivered `Payload` \n  * `idP`\n  * `type`\n  * `host`\n  * `agent`\n  * `date`\n  * `ref`\n\nThe statistics are all generated into individual worksheets within a single `.xlsx` file, as shown in the following screenshot.\n \n![example](images/example.png)\n\nThe following statistics are currently implemented:\n* `Click Types Per User`\n* `Clicks Over Time`\n* `Email Distribution`\n* `Clicks Per Payload Type`\n* `Click Originating IP`\n* `Users Who Did/Did Not Click`\n* `Clicks Per Department`\n\n## Installation\n```\n$ git clone https://github.com/AresS31/phishstat\n$ cd phishstat\n# pip install -r requirements.txt\n```\nThe `MYSQL_USER` and `MYSQL_PASSWORD` global variable must be edited  within the script (line 34 and 35).\n\n## Usage\n```\n$ python phishstat.py [-h] -c CLIENT -l APACHE_LOG -p PARAMETER -r EMAIL2REF -t\n                    TARGET [-v]\n\n-h, --help            show this help message and exit\n-c CLIENT, --client CLIENT\n                      name for the database storing the engagement results\n-l APACHE_LOG, --log APACHE_LOG\n                      Apache log file\n-p PARAMETER, --parameter PARAMETER\n                      GET parametereter used to identify each clicks\n-r EMAIL2REF, --ref EMAIL2REF\n                      file containing the email to reference\n-t TARGET, --target TARGET\n                      file containg the target details\n-v, --verbose         enable verbose mode\n```\n##### Apache log example:\n```\n11.22.33.44 - - [25/Oct/2016:10:51:21 +0100] \"GET /phishing.gov.uk?region=KT4-EAC82 HTTP/1.1\" 301 577 \"-\" \"Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko\"\n11.22.33.44 - - [25/Oct/2016:10:51:22 +0100] \"GET /phishing.gov.uk/?region=KT4-BDCB5 HTTP/1.1\" 200 22729 \"-\" \"Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; Touch; rv:11.0) like Gecko\"\n11.22.33.44 - - [25/Oct/2016:10:53:36 +0100] \"GET /phishing.gov.uk?region=KT4-C2AE6 HTTP/1.1\" 301 577 \"-\" \"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko\"\n11.22.33.44 - - [25/Oct/2016:10:53:36 +0100] \"GET /phishing.gov.uk/?region=KT4-30747 HTTP/1.1\" 200 22729 \"-\" \"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko\"\n11.22.33.44 - - [25/Oct/2016:10:53:36 +0100] \"GET /phishing.gov.uk/?region=KT4-779D8 HTTP/1.1\" 200 22729 \"-\" \"Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko\"         \n```\n\n*Note*: The GET parameter (-p, --param) used to parse the results in the above example is `region`.\n\n##### Target file expected formatting:\n```\naaaaaaa@mailserver.co.uk,Director\nbbbbbb@mailserver.co.uk,Technical\ncccccc@mailserver.co.uk,Support\ndddddd@mailserver.co.uk,Sale\neeeeee@mailserver.co.uk,Other\n```\n\n##### Email to reference file expected formatting:\n```\naaaaaa@mailserver.co.uk,KT4-EAC82\nbbbbbb@mailserver.co.uk,KT4-BDCB5\ncccccc@mailserver.co.uk,KT4-C2AE6\ndddddd@mailserver.co.uk,KT4-30747\neeeeee@mailserver.co.uk,KT4-779D8\n```\n\n## Possible Improvements\n- [ ] Add new features.\n- [ ] Source code optimisation.\n\n## License\nCopyright (C) 2017 - 2018 Alexandre Teyar\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n\u003chttp://www.apache.org/licenses/LICENSE-2.0\u003e\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faress31%2Fphishstat","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faress31%2Fphishstat","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faress31%2Fphishstat/lists"}