Phisherman

Phisherman Landing Page
Fetch.AI AgentVerse
Fetch.AI Phisherman Agent
Login
Admin View
Admin View
Phishing Campaign Start
Phishing Campaign Prompt Engineering
Normal User Dashboard
Security Awareness Learning
Security Awareness Gamified Quiz
Security Awareness Gamified Quiz Results
Successful Phishing Email Template Sent

Inspiration

In today’s digital world, where cyber threats are becoming increasingly common, organizations often struggle to equip employees with adequate skills to recognize and respond to phishing attacks. In our team, with many of us heading towards a future in cybersecurity, we understand firsthand how often and preventable phishing related security breaches are. Which inspired us to create Phisherman as a tool that not only strengthens cybersecurity but does so in an engaging, educational way, helping users build confidence and lasting security habits.

What it does

Phisherman is an AI-powered cybersecurity training application that enables administrative users to measure and strengthen the security awareness of their organization through safe and controlled phishing simulations. Primarily, using a bait-and-switch strategy, Phisherman generates near realistic phishing emails of varying complexity with hyperlinks that redirect users to interactive learning and gamified training modules when clicked. The platform automates campaign management by integrating with standard email APIs to send simulated attacks to targeted groups. As users interact with these simulations, performance of scores on the gamified assessments are shared with participating members to foster cybersecurity engagement. Phisherman also gathers detailed analytics that is presented in a comprehensive admin dashboard which allows security teams to design campaigns, analyze risk trends, and assign personalized remediation.

How we built it

Phisherman’s frontend was built using React.js as the primary framework for a user-friendly interface and efficient asset control. On the backend, we used a varied mix of technologies: Fetch.AI AgentVerse served as our main discovery platform to host 6 agents with Fetch.AI uAgents being used for our multi-agent orchestration. MongoDB was used for our database, with Python CLI being integrated with Socket.io for routing and application logic.

Challenges we ran into

Time Constraints - With limited time, our team focused on delivering the most essential features of the application, staying true to the core vision and purpose of our idea.

New Technologies - While adapting to new technologies, we faced challenges connecting the mailbox service to Agentverse through its endpoint. We reviewed official documentation and utilized open-source resources to understand the configuration and successfully establish the connection.

Network Connectivity - A significant challenge was dealing with an unreliable connection in times of need. In many instances, our team was setback due to connectivity issues occurring when important installations were occurring.

Accomplishments that we're proud of

We built a functional AI-powered phishing simulation platform with automated email generation, interactive training, and real-time analytics. Our modular architecture, gamified user experience, and secure admin dashboard enabled effective, ethical, and engaging security training.

What we learned

In building Phisherman, we gained hands-on experience with the most recent AI models, creating an agent-based architecture, and scalable email delivery, while highlighting the importance of safety, ethics, and user-focused design. We also gained a deeper understanding of key metrics in how to leverage gamification to boost engagement, and saw firsthand how cross-disciplinary collaboration accelerates effective development.

What's next for Phisherman

Looking ahead, we plan to expand Phisherman’s capabilities beyond email by introducing text and audio-based phishing simulations, creating a more comprehensive and realistic training experience. We also aim to develop richer learning modules that adapt to user performance and engagement levels, providing more personalized and effective security education. Finally, we’re committed to enhancing accessibility and scalability, ensuring Phisherman can reach and benefit a broader range of organizations and users worldwide.

Built With

agentverse
fetch
fetchai
flask
html5
mongodb
python
react

Submitted to

Cal Hacks 12.0

Created by

Developed and deployed 6 AI agents on Fetch.ai’s Agentverse for cybersecurity training. Designed the full agent architecture, including Phish Master, domain specific agents, and Phish Refiner, and implemented interactive quiz logic via the Teacher Agent using WebSocket connections. Authored detailed registration and integration docs for seamless agent discovery.

Raghav Gautam
Led the team in the whole development process. Built all the sockets and REST APIs that seamlessly worked with my teammates AI while also adjusting and integrating it into email APIs and integrated the DOM event listening modules into the backend processing. Handled MongoDB database management to work at scale. Pioneered automated mailing and data analytics for the phishing tool. Built most of the frontend and designed it to have an ocean theme.

Marlon (Mj) Burog
Worked on gamified frontend section consisting of player scene and text inquiry space. Built the incremental score tracker and question quantifier subsections to keep track of player data during game interaction. Created and deployed assets to seamlessly integrate with the intended product theme and overall aesthetic.

Alan To
Can we get much higher?!!
Ram Tristan Lobo