Phishing affects everyone, not just organizations with large infosec budgets. Existing solutions to simulate phishing attacks can be expensive, complex to setup, or limited in functionality. We've created an open-source phishing framework called gophish to bridge this gap, bringing rock-solid phishing testing to everyone. This presentation will show how you can be up and running with gophish in 60 seconds on any platform, using the beautiful UI to create pixel-perfect phishing emails and landing pages to send to clients, measuring the results in near-realtime. In addition to this, we'll explore the fully-featured REST API that can be used to automate your phishing campaigns and reporting. After this talk is over, you'll have everything you need to run an end-to end simulated phishing campaign for your organization with gophish in just a few minutes.