Skip to content

This tool is based on regex with effective standards for detecting phishing sites in real time using certstream and can also detect punycode (IDNA) attacks.

Notifications You must be signed in to change notification settings

jimywork/certstreamcatcher

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

29 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Certstreamcatcher

Catching phishing by observing certificate transparency logs. This tool is based on regex with effective standards for detecting phishing sites in real time using certstream and can also detect punycode (IDNA) attacks such as https://www.ṁyetḣerwallet.com.

Phishing

Phishing

Installation

$ cd /opt/
$ git clone https://github.com/6IX7ine/certstreamcatcher.git
$ cd certstreamcatcher
$ npm install

npm package

To install certstreamcatcher using npm run:

npm install --save certstreamcatcher

Try on npm runkit

This is a playground to test certstreamcatcher

https://npm.runkit.com/certstreamcatcher

Usage

The certstreamcatcher is extremely simple, all you have to do is to import the library certstreamcatcher and certstream register the callback and call certstreamClientPhishing and pass the callback parameter to certstreamClientPhishing.

const certstreamcatcher = require('certstreamcatcher'); 
const certstream = require("certstream");

const regex = /(wellsfargo|paypal|login|sign-in|secure|update|money|sslsecure|amazon)/gi; # Keywords

const tlds = ['.io','.gq','.ml','.cf','.tk','.xyz','.pw','.cc']; # tlds 

var client = new certstream(function(certstream) {  
	certstreamcatcher.certstreamClientPhishing(certstream, regex, tlds, {tlds: true});
});

client.connect();

To execute the program save the above code and execute with the command:

$ node certstreamcatcher.js

Donations

  • XMR: 49m12JEEC6HPCHkLMX5QL4SrDQdKwh6eb4Muu8Z9CwA9MwemhzFQ3VcgHwyuR73rC22WCymTUyep7DVrfN3GPt5JBCekPrR

About

This tool is based on regex with effective standards for detecting phishing sites in real time using certstream and can also detect punycode (IDNA) attacks.

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published