Landing Pages
A "Landing Page" is the HTML content returned when targets click on the links in Gophish emails.
Landing pages have the following structure:
{
id : int64
name : string
html : string
capture_credentials : bool
capture_passwords : bool
modified_date : string(datetime)
redirect_url : string
}
get
https://localhost:3333
/api/pages/
Get Landing Pages
get
https://localhost:3333
/api/pages/:id
Get Landing Page
Returns a 404 error if the specified landing page isn't found.
post
https://localhost:3333
/api/pages/
Create Landing Page
This method expects the landing page to be provided in JSON format. You must provide a landing page name and the html for the landing page.
Importing a Site
Let Gophish do the hard work for you by importing a site. By using the Import Site endpoint, you can simply give Gophish a URL and have the site fetched for you and returned in a format that can be used with this method.

Capturing Credentials

Capturing credentials is a powerful feature of Gophish. By setting certain flags, you have the ability to capture all user input, or just non-password input.
To capture credentials, set the capture_credentials attribute. If you want to capture passwords as well, set the capture_passwords attribute.
By default, Gophish will not capture passwords, as they are stored in plaintext.
Gophish also provides the ability to redirect users to a URL after they submit credentials. This is controlled by setting the redirect_url attribute.
put
https://localhost:3333
/api/pages/:id
Modify Landing Page
Returns a 404 error if the specified landing page isn't found.
This method expects the landing page to be provided in JSON format. You must provide a full landing page, not just the fields you want to update.
This method returns the JSON representation of the landing page that was modified.
delete
https://localhost:3333
/api/pages/:id
Delete Landing Page
Returns a 404 error if the specified landing page isn't found.
This method returns a status message indicating the landing page was deleted successfully.
post
https://localhost:3333
/api/import/site
Import Site
This endpoint simply fetches and returns the HTML from a provided URL. If include_resources is false (recommended), a <base> tag is added so that relative links in the HTML resolve from the original URL.
Additionally, if the HTML contains form elements, this endpoint adds another input, __original_url, that points to the original URL. This makes it possible to replay captured credentials later.
Note: This API endpoint doesn't actually create a new landing page. Instead, you can use the HTML returned from this endpoint as an input to the Create Landing Page method.
Copy link
On this page
get
Get Landing Pages
get
Get Landing Page
post
Create Landing Page
put
Modify Landing Page
delete
Delete Landing Page
post
Import Site