All services
Phishing & Human Risk

Your firewall is solid.
But one employee clicked a link.

Technical controls don't stop social engineering. Phishing is the leading initial access vector because it bypasses everything you've hardened. The only defense is knowing who on your team would click, before attackers find out.

See a campaign live Self-host free
Without phishing simulation
You don't know which employees would click a credential-harvesting lure. Attackers are willing to find out. You aren't running the test first.
Three of your finance employees have had their credentials leaked in third-party breaches. Nobody checked. Those passwords may still be in use.
Annual security awareness training is a checkbox. A PDF nobody reads. No measurement of actual behavior under pressure.
With Horus Phishing
PhishingAgent uses your asset inventory to craft context-aware lures — branded to your own domains, referencing real tools your team uses. Click tracking per target.
HIBP Domain Search runs against your org's email domain. Leaked employees flagged with a karma score. You see who needs immediate password rotation.
Repeat clickers identified automatically. Awareness landing page shown on click — education at the moment of failure, not months later.
How it works

Profile. Craft. Send. Measure.

Campaigns are built from your own asset inventory, not generic templates. Every lure references something real about your org.

01 / PROFILE

Target list from your inventory

PhishingAgent reads your asset inventory: domain names, technologies in use, integrations. Builds a target profile per employee. Lures reference tools they actually use.

02 / CRAFT + SEND

Context-aware lure generated

Choose objective: click-only, credential harvest drill, or report-to-security training. MFA/OTP simulation available. Campaign sent on schedule, tracking pixel embedded.

03 / TRACK + EDUCATE

Analytics, then awareness

Click rate, credential entry rate, report rate. Department and repeat-offender breakdown. Clickers hit an awareness landing page immediately. Results feed into your security posture score.

Campaign results · acmecorp.io · 142 targets
Campaigns
Targets
Credential Exposure
24 clicked 3 repeat offenders
Q2 awareness drill · "IT password reset" lure sent 2026-06-20
j.smith@acmecorp.io · Finance
clicked at 09:14 UTCrepeat offendercredential entered
HIGH RISK
m.rodriguez@acmecorp.io · Engineering
clicked at 11:02 UTCfirst click
MEDIUM
a.chen@acmecorp.io · Security
reported phishing at 08:47 UTCreported
GOOD
22 clicked · 1 reported · 118 no interaction Click rate: 16.9%
Full capability set

Everything in Phishing & Human Risk.

Phishing simulation campaigns and credential exposure monitoring. Two sides of the same human-vector risk.

Social engineering

Phishing Campaigns

PhishingAgent reads your asset inventory to craft context-aware lures — branded to your domains, referencing real tools your team uses. Not generic templates. Choose objective: click-only, credential harvest drill, or report-to-security. Awareness landing page shown on click.

  • Asset-inventory-aware lure generation
  • Objective: click / credential / report drill
  • Per-target click and credential tracking
  • Fake MFA/OTP simulation
  • Department-level analytics
  • Repeat-offender identification
  • Awareness landing page on click
  • Schedule: one-off or recurring
HIBP integration

Credential Exposure

Have I Been Pwned Domain Search checks if your org's employees appear in public breach databases. Per-employee karma score. Sensitive breach flag for passwords and tokens. Surfaces accounts that need immediate rotation.

  • HIBP Domain Search integration
  • Per-employee karma score
  • Sensitive breach detection
  • Priority rotation recommendations
Posture impact

Human Risk Score

Click rates, credential entry rates and breach exposure combine into a human risk score that feeds into the org's overall security posture timeline. Drill down by department or individual.

  • Click rate and credential rate
  • Breach exposure count
  • Feeds posture timeline
  • Department vs overall comparison

Know who would click
before attackers test it.

The demo includes a live phishing campaign with click tracking and credential exposure results.

Open live demo → Self-host free