1
Authenticate
Get a JWT token to access protected endpoints.
2
Tenant Setup
Create your company and record the authorization consent.
3
Employees Import
Upload a CSV or generate sample data to get started.
Expected columns:
email, full_name, department4
Campaign Launch
Schedule a phishing simulation for enrolled employees.
✍️
Custom Email Template
Write your own phishing email. Select "Use my custom template" above before launching.
Tips for higher click rates:
• Keep subject under 60 chars — it shows fully in mobile inboxes
• Add urgency words: "expires tonight", "action required", "your account"
• Use
• One clear CTA button beats multiple links
• Keep subject under 60 chars — it shows fully in mobile inboxes
• Add urgency words: "expires tonight", "action required", "your account"
• Use
{tracking_url} as the href in your <a> tag — it tracks clicks• One clear CTA button beats multiple links
♻
Auto-Scheduler — Annual Programme
Set and forget: schedule recurring campaigns that fire automatically every N days.
📈 How to Improve Your Security Score
Get a personalised action plan — department-by-department recommendations to reduce your click rate.
🔗 Shareable Report Links
📈 Live KPIs
Risk Level
—
Delivery Rate
—
Click Rate
—
💻 JSON Output
// Hit "Get Summary" to load report data…
📉 Analytics Snapshot
📋 Campaign History
⚡ Event Timeline
🔍 Audit Log
📨
Report-a-Phish Inbox
Suspected phishing emails reported by your employees.
Share this link with employees so they can report suspected phishing:
/phish-report (loading...)
🔒
Authorized Domain Lock
Only employees on this domain can be targeted. Prevents misuse.
Loading current domain…
⚠️ Once locked, the system will silently skip any email address not on this domain during CSV import and campaign send. This cannot be circumvented without admin access.
⚙️
Tenant Settings
Persisted per company — loaded automatically on next visit.
🌐 DNS / Deliverability Check
💳
Billing & Subscription
Manage your plan, payment method, and invoices.
Loading plan…
👤
Account
Signed in as —
Analytics Overview
Visual breakdown of campaign performance, risk, and deliverability.
—
Total Employees
Enrolled in system
—
Active Campaigns
Currently running
—
Total Events
Tracked interactions
—
Click Rate
% of emails clicked
—
Delivery Rate
% successfully delivered
—
Risk Level
Overall organization risk
Event Type Distribution
Events Over Time (Last 14 Days)
Department Risk Scores
Campaign Status Breakdown
Deliverability Funnel
Training Completion
—
Completion Rate
—
Completed
—
Avg Score
PENDING TRAINING
Industry Benchmark
—
Your Click Rate
—
Industry Avg
ALL INDUSTRIES
Employee Risk Trends — Top Clickers
Click "Load Trends" to see per-employee risk history across all campaigns.
Production Readiness
Check every environment variable before going live.
Two-Factor Authentication (TOTP)
Protect your account with an authenticator app like Google Authenticator or Authy.
Quick-Start Checklist
Complete these steps to run your first phishing simulation.
Create a company
Go to Workflow tab → Step 1 → Create Company
Sign the authorization consent
Confirms you own the domain and authorizes sending
Upload your employee list (CSV)
email, full_name, department columns
Schedule your first campaign
Choose a template and pick a send time
View the risk score report
Reports tab → Executive Summary or PDF export
Email Provider Setup
Configure a real email provider so campaigns actually send.