"LUCY" is an easy-to-set-up tool with simple reporting, designed specifically to measure and improve awareness of phishing, malware, and drive-by attacks by launching realistic phishing attacks.

It comes with a simple web-based user interface that includes pre-defined mail and web templates. "LUCY" is also fully customizable: users can create campaigns and templates that can be used again. It is designed so that both technical and non-technical persons can administer the platform and configure custom phishing attacks within minutes. Reporting on user behavior (including link clicks, form submits, etc.) is accurate and easy to read.


"LUCY" runs inside virtualization software (such as VirtualBox or VMware), which can be downloaded for free, and emulates the attack from A to Z (creating landing webpages, sending mails, analyzing data, etc.) in your own network or in the cloud. Admins can upload their target recipient list from a simple text file or use the built-in Email Target Identifier to search the Internet for possible mail addresses.

New attack scenarios can be created with just one mouse click: a website copy feature lets the user build a functional copy of any website automatically.

How it Works


The customizable scenarios in "LUCY" can all be edited and make it possible to run phishing campaigns such as:

  • Click-only: These scenarios involve a two-step process with an email that urges the recipient to click on the embedded link.
  • Data entry: Send emails with a link to a customized landing page that encourages users to enter sensitive information.
  • Attachment-based: Train users to recognize malicious attachments by sending emails with seemingly legitimate attachments.
  • Double Barrel: Technology that simulates conversational phishing techniques by sending two emails, one at the beginning and one containing a malicious element, as used by APTs.

Other features include:
  • DynDNS (make "LUCY" accessible from the Internet while it runs on a private IP)
  • Mail engine (send & forward mails)
  • Reporting engine (create custom report templates), export data to PDF or CSV
  • Statistics engine (graphical analysis of each phishing campaign)
  • Create SSL-secured scenarios (with a custom certificate or by importing an official certificate via the web GUI)
  • Easy Linux configuration script for first use
  • Interactive help that guides you through your first phishing campaign
  • Automatic software updates
  • Website copy feature
  • Benchmark analysis that helps you compare different campaigns
  • Professional web-based scenario editor (for editing landing pages or mails)
  • Login filters (enable filters to check for complex passwords or custom domains required within the login)
  • Real-time access to graphical analysis of the phishing campaign
  • Multi-user enabled, web-based GUI to configure and run phishing campaigns against one or tens of thousands of users simultaneously

Outlook on next updates:

  • Launch integrated awareness (e-learning) campaigns from the phishing server
  • Add HTML & RTF reports
  • Add new web/mail templates
  • Customizable attachments (Word macro) that send user info to "LUCY" upon opening
  • Launch a website with a signed/unsigned applet that sends user info to "LUCY" upon execution
  • Add more statistical tools for more in depth analysis


Run LUCY within the free VMware Player or any other virtualization software on your server. Network settings: Bridged. Allocate at least 2 GB RAM. After the VMware setup you can either point a domain to the server or use the built-in DynDNS feature, which also enables LUCY to run on a private IP behind NAT. More info and help is available during installation or in this short manual.

Trouble setting up LUCY? Maybe it can be solved easily:
  • Mail communication issues: LUCY says "x mails sent", but the mails never arrived
    • The mail might have arrived in the spam folder, because some spam filters classify mails as spam if the subject or body contains specific words. You can verify your mail content by using a free service like
    • The mail might have been rejected at the recipient's mail server, because many mail servers reject mails from a server that has no valid MX record
  • Setup issues: LUCY does not get an IP address
    • Make sure your VMware network setting is set to "bridged"
    • Use the built-in network tools to verify that you can reach external servers
  • Accessibility: the LUCY web GUI is not accessible via browser
    • In the current edition you cannot reach LUCY via its IP address. You need to set up a hosts file entry with a server name that points to the IP you configured in the initial setup script


"LUCY" can be downloaded for free; some limitations apply.

  • Free edition: Designed to increase awareness; it can run 5 campaigns against a maximum of 100 users. If you need help setting up your phishing campaign on the free version, we offer a cheap remote support setup bundle.
  • Commercial edition: To run larger campaigns (up to 20'000 users with the current build) you will need a commercial version (0.5 US $/user), which comes with access to updates and, for all orders above 500 US $, a support package for the initial setup. Customization of the application is provided as well.




By downloading and using "LUCY" you confirm that "LUCY" does not violate the standards of your community, town, city, state or country. You acknowledge that "LUCY" may not be used by you or any other party for any purpose that violates any local, state, federal or foreign law. You understand that getting confidential data using "LUCY" from users not belonging to your own organisation may be illegal. If you agree to those terms you can download "LUCY" by clicking here:



Our team, led by Oliver Muenchow, developed the concept of LUCY based on projects measuring awareness with various Swiss bank clients.

We have performed penetration tests, including social engineering attacks, since 1998. This allowed us to develop many custom security tools (mainly tools enabling inside-out attacks using DNS tunneling and HTTP/s callback techniques), which will be integrated in future LUCY versions.


Please contact us for support, inquiries and feedback. Contact person: Oliver Muenchow - Zuerich (Switzerland) | LinkedIn | Xing | Skype: swiss_fondue | Personal mail: pentest {@} netprotect . ch