Tangled is a phishing platform that automates social engineering tactics, focusing on exploiting iCalendar features in email services like Microsoft Outlook and Gmail. It sends out fake meeting invites that users can accept without any action on their part, making it easier for attackers to gain unauthorized access to systems. The project emphasizes offensive security, offering tools for red team professionals to simulate phishing attacks effectively. Setting up Tangled is straightforward since it runs as Docker containers. Users can clone the repository from GitHub and configure it quickly by modifying environment variables. The setup involves a few command-line steps: cloning the repo, copying the example configuration, and starting the service with Docker commands. Once running, the platform provides a frontend accessible on port 8080 where users can log in with admin credentials. The documentation includes a detailed technical breakdown of how Tangled can be used for initial access and lateral movement within networks. The project encourages contributions from the community, welcoming suggestions and bug reports. It’s crucial for users to adhere to ethical guidelines and legal standards while using this tool, as it is designed for professionals in offensive security research. The platform operates under the Apache License 2.0, ensuring clear terms for usage and distribution.