Bluekit phishing – Misryoum reports Bluekit brings 40+ phishing templates and an AI assistant to draft campaigns, alongside tools for setup and monitoring.
A new phishing kit called Bluekit is positioning itself as an easier, faster way to build convincing email and web lures, pairing ready-made templates with an AI assistant for drafting campaign copy.
Bluekit includes more than 40 templates aimed at widely used services. including email providers like Outlook and Gmail. cloud and identity targets. developer platforms. and cryptocurrency-related brands.. The kit also features an “AI Assistant” panel that supports multiple model options. helping operators generate phishing email drafts and campaign text.
This is part of a broader shift in cybercrime tooling: as AI gets more capable and more accessible, attackers increasingly use it to reduce the time and effort needed to produce content that looks tailored.
Beyond templates, Bluekit wraps several steps of the phishing workflow into a single interface.. Misryoum notes that the panel allows operators to choose domains. configure phishing pages. and manage campaigns without stitching together separate tools.. The setup includes options that can influence how the phishing page behaves. including how login flows are handled and how responses are delivered.
The same dashboard also supports session visibility after a victim interacts with the lure.. Misryoum reports that operators can monitor live sessions and capture activity such as cookies and local storage. giving them a clearer view of what was shown after a user logs in.. In addition. the kit offers controls intended to filter out certain traffic patterns. such as VPN or proxy connections and headless browsers.
For defenders and security teams, the key takeaway is not just that phishing kits exist, but that more of the attack lifecycle is being consolidated into systems that move from setup to refinement quickly, making early detection and user awareness even more important.
Varonis reviewed a limited version of Bluekit’s AI Assistant panel and indicated the generated drafts appeared more like structured placeholders than fully polished phishing flows.. The output. as described. included generic link fields and elements that would still require cleanup before use. suggesting the AI feature may still be evolving.
Misryoum also highlights that Bluekit integrates domain acquisition and campaign operations alongside page configuration. with data exfiltration handled through messaging channels accessible to operators.. With frequent updates and rapid development suggested by release activity. the kit appears to be changing quickly. which may lower the barrier for lower-tier attackers seeking an “all-in-one” platform.