PhishGuard — Phishing Simulation Platform
Tech Stack
Overview
PhishGuard empowers security teams to proactively assess and improve their organization's resilience against phishing attacks. The platform simulates real-world phishing scenarios in a controlled environment, identifies vulnerable users, and provides data-driven training recommendations — powered by an optional machine learning engine.
Key capabilities include campaign management and scheduling, customizable phishing email delivery via SMTP, behavioral tracking (email opens and link clicks), per-user risk scoring, ML-powered training need prediction using scikit-learn, an analytics dashboard with Chart.js, and PDF/CSV report export. The backend uses Node.js/Express with Bull job queues and node-cron for automation, while the optional ML service runs on Flask with pandas and scikit-learn.
Challenges
- Designing a realistic phishing simulation flow that tracks user interactions without compromising security
- Building an ML pipeline that predicts training needs from limited behavioral interaction data
- Orchestrating multiple services (React frontend, Express backend, Flask ML service) with async job processing
Solutions
- Implemented pixel and redirect-based tracking with JWT-secured endpoints and rate limiting
- Trained a scikit-learn classification model on historical interaction data with computed risk scores
- Used Bull queue for async jobs, node-cron for scheduled campaigns, and Redis caching for performance