Tuesday, October 15, 2024
HomeReporting ToolsReal-Time Intelligence Feed to Catch Malicious Phishing Domains SSL Certificate

Real-Time Intelligence Feed to Catch Malicious Phishing Domains SSL Certificate

Published on

Malware protection

Phishing is one of the most common problems for Internet Users, hackers find a new innovative method to create believable URL’s to trick users. According to Google research, more than 15% accounts hijacked by using these social engineering methods.

With Recent Google research, they found 12.4 million potential victims of phishing kits; and 1.9 billion usernames and passwords exposed via data breaches and traded on black market forums.

In this Kali Linux Tutorial, we are to introduce phishing_catcher that catches Phishing domain SSL using Live stream.

- Advertisement - SIEM as a Service

Also Read: DEFCON -2017 Hackers Presentation Complete PDF Lists with Advance Hacking Techniques

How it works

CertStream is an intelligence feed that provides you real-time data feed that fetched from the Certificate Transparency Log network aims at increasing safety with TLS certificates. Most importantly CT was put in the place to defend mis-issuance.

It allows you to use it as a building block to make tools that react to new certificates being issued in real time.

To install Phishing catcher use the following command

git clone https://github.com/x0rz/phishing_catcher.git

Then you need to install the following the following python packages installed: certstream, tqdm, entropy, termcolor, tld, python_Levenshtein.

pip install -r requirements.txt

Then to execute run the following command.

python catch_phishing.py

In the list, we can see how it can exfiltrate the data based on the suspicious score.

Author: x0rz

Advantages

Early detection of misissued certificates, malicious certificates, and rogue CAs.
Faster mitigation of suspect certificates or CAs is detected.
Better oversight of the entire TLS/SSL system.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

HORUS Protector Delivering AgentTesla, Remcos, Snake, NjRat Malware

The Horus Protector crypter is being used to distribute various malware families, including AgentTesla,...

ErrorFather Hackers Attacking & Control Android Device Remotely

The Cerberus Android banking trojan, which gained notoriety in 2019 for its ability to...

Hackers Allegedly Selling Data Stolen from Cisco

A group of hackers reportedly sells sensitive data stolen from Cisco Systems, Inc.The...

Fortigate SSLVPN Vulnerability Exploited in the Wild

A critical vulnerability in Fortinet's FortiGate SSLVPN appliances, CVE-2024-23113, has been actively exploited in...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

New Free Cyber Threat Intelligence Tool to Discover Malicious IPs and Domains

A new free cyber threat Intelligence tool that helps you in identifying malicious IP...