A comprehensive, free and open-source phishing detection and analysis tool designed for cybersecurity professionals, researchers, and security-conscious individuals.
- URL Analysis: Comprehensive URL structure and pattern analysis
- Domain Reputation: Check against known malicious domains
- SSL Certificate Validation: Verify certificate authenticity and validity
- Content Analysis: HTML/JavaScript pattern matching for phishing indicators
- Visual Similarity Detection: Compare website screenshots for brand impersonation
- Email Header Analysis: Analyze email headers for spoofing indicators
- Machine Learning Detection: AI-powered phishing classification
- Command Line Interface (CLI): For automated scanning and scripting
- Web Dashboard: Modern, responsive web interface
- REST API: Integration with other security tools
- Batch Processing: Scan multiple URLs simultaneously
- Detailed Reports: Comprehensive analysis results in multiple formats
- Risk Scoring: Quantified threat assessment
- Export Options: JSON, CSV, PDF reports
- Historical Tracking: Track scanning history and trends
# Clone the repository
git clone https://github.com/your-username/PhishingScanner.git
cd PhishingScanner
# Install dependencies
pip install -r requirements.txt
# Run setup
python setup.py# Scan a single URL
python phishing_scanner.py --url https://suspicious-site.com
# Scan multiple URLs from file
python phishing_scanner.py --file urls.txt
# Start web interface
python app.py
# API mode
python api_server.py- Python 3.8+
- Internet connection for real-time checks
- Optional: Chrome/Chromium for screenshot analysis
This tool is fully compatible with Linux systems. For Ubuntu/Debian:
# Install Python and pip
sudo apt update
sudo apt install python3 python3-pip
# Clone and setup
git clone <repository-url>
cd PhishingScanner
pip3 install -r requirements.txt
# Run CLI
python3 cli.py scan -u https://example.com
# Run web interface
python3 app.pyFor other Linux distributions, use your package manager's equivalent commands.
- Backend: Python, Flask, SQLite
- Frontend: HTML5, CSS3, JavaScript, Bootstrap
- Security: SSL/TLS analysis, certificate validation
- ML/AI: Scikit-learn, TensorFlow (optional)
- Web Scraping: BeautifulSoup, Selenium
- Image Analysis: Pillow, OpenCV
-
URL Pattern Analysis
- Suspicious URL structures
- Domain typosquatting detection
- Shortened URL expansion
-
Content Analysis
- HTML/CSS pattern matching
- JavaScript behavior analysis
- Form field analysis
-
Network Analysis
- DNS record validation
- IP geolocation checks
- Hosting provider analysis
-
Visual Analysis
- Screenshot comparison
- Logo/brand detection
- Layout similarity analysis
The tool can be configured via config.json:
{
"api_keys": {
"virustotal": "your_api_key",
"urlvoid": "your_api_key"
},
"thresholds": {
"risk_score": 70,
"similarity_threshold": 0.8
}
}- Scan speed: ~2-5 seconds per URL
- Batch processing: Up to 100 URLs simultaneously
- Accuracy: >95% detection rate on known phishing sites
We welcome contributions! Please see our Contributing Guidelines for details.
This project is licensed under the MIT License - see the LICENSE file for details.
This tool is for educational and legitimate security testing purposes only. Users are responsible for ensuring compliance with applicable laws and regulations.
- Thanks to the cybersecurity community for threat intelligence
- Built by Slade for the open-source security community
Stay Safe Online! 🔒