This tool must only be used in environments where you have explicit authorization.

Unauthorized phishing attacks are illegal.