-
Notifications
You must be signed in to change notification settings - Fork 542
Graphs
The King Phisher client utilizes matplotlib when available to provide visual representation of campaign data in the form of various graphs. These graphs appear on the dashboard and can be created individually through the tools menu.
The King Phisher client supports showing the geographic location of client visits on map view. These maps are created with the Matplotlib Basemap Toolkit. Because of this, the basemap package is required in addition to matplotlib specifically for graphing data onto maps. Without basemap, the other graphs will still be available from matplotlib.
Basemap requires GEOS to be installed. This package can be obtained by installing libgeos++-dev on Debian based systems (including Ubuntu and Kali) and geos-devel on Fedora. The Basemap project includes detailed documentation on how it can be installed.
Basemap can be installed with pip however at this time additional options need to be specified. The
basemap python package is externally hosted from the standard pip packages. The King Phisher install
script will attempt to directly download and install the tarball from it's hosted location on Source
Forge.
The command to install it separately is:
pip install http://downloads.sourceforge.net/project/matplotlib/matplotlib-toolkits/basemap-1.0.7/basemap-1.0.7.tar.gz
| Graph Name | Graph Description |
|---|---|
| Campaign Overview | Stats on messages sent, visits and messages received |
| Department Comparison | Percentages of opened messages organized by departments |
| Message Results | Percentages of messages which resulted in visits and credentials |
| Password Complexity | Percentages of submitted passwords that meet complexity requirements |
| Visit Locations * | The geographic locations that visits originated from on a world map |
| Visit Locations (USA) * | The geographic locations that visits originated from on a USA map |
| Visitor OS Information | Information on the visitors OS based on their User Agent |
| Visits Timeline | Visits plotted over time |
* Graphs which require the basemaps package to be available
Some graphs (such as the Campaign Overview) have entries for "unique" measurements in addition to generic measurements. In this case the term "unique" is used to differentiate actions which can be repeated to increment the counter. For example, if Alice and Bob are both sent an email and Alice clicks once while Bob clicks twice, all three visits will be counted. Three visits total will be tallied as the landing page was visited three times, however only two unique visits will be counted due to one visit being a repeat from Bob.
The password complexity graph will identify passwords which meet basic complexity requirements. These requirements are defined as requiring the password be at least 8 characters long and to contain characters from at least 3 of the following four categories.
- Upper case characters
- Lower case characters
- Numbers
- Special characters
Passwords meeting both of these contraints (length and character types used) are considered to be "complex" for the purpose of this graph.