GoPhish - Phishing Simulation SaaS
GoPhish is an enterprise-grade SaaS platform for phishing simulation and security awareness training. The system enables companies to create, schedule, and launch realistic phishing campaigns to test employee security awareness. It provides comprehensive analytics tracking, automated learning module assignments, and subscription-based access control.
Private Repository
This repository is private and contains proprietary code. Code samples and architecture details available upon request during interviews.
Project Summary
Built a scalable enterprise phishing simulation SaaS platform using Node.js and Express.js, featuring asynchronous email queue processing with BullMQ, real-time analytics tracking, Razorpay payment integration, and automated security awareness training workflows.
Tech Stack
Key Features
Campaign Management with customizable templates
Advanced Email Tracking with tracking pixels
Asynchronous Email Processing with BullMQ
Learning Module Integration
Subscription & Payment Management with Razorpay
Bulk Employee Management via CSV/Excel
What Makes This Unique
Memory-Optimized Queue System reducing footprint by ~80%
Intelligent Auto-Remediation with learning modules
Risk Scoring Algorithm based on engagement patterns
Custom Domain SMTP Configuration
Template Variable System with XSS-safe sanitization
Complexity & Challenges Solved
Scalable Email Delivery with concurrency control
Real-Time Analytics Tracking with pixel-based opens
Multi-Tenant Data Isolation
File Processing Pipeline with validation
Payment Integration Complexity with webhooks
Redis Memory Optimization with lazy loading