Real-Time Intelligence Feed to Catch Malicious Phishing Domains SSL Certificate

Phishing is one of the most common problems for Internet Users, hackers find a new innovative method to create believable URL’s to trick users. According to Google research, more than 15% accounts hijacked by using these social engineering methods.

With Recent Google research, they found 12.4 million potential victims of phishing kits; and 1.9 billion usernames and passwords exposed via data breaches and traded on black market forums.

In this Kali Linux Tutorial, we are to introduce phishing_catcher that catches Phishing domain SSL using Live stream.

Also Read: DEFCON -2017 Hackers Presentation Complete PDF Lists with Advance Hacking Techniques

How it works

CertStream is an intelligence feed that provides you real-time data feed that fetched from the Certificate Transparency Log network aims at increasing safety with TLS certificates. Most importantly CT was put in the place to defend mis-issuance.

It allows you to use it as a building block to make tools that react to new certificates being issued in real time.

To install Phishing catcher use the following command

git clone https://github.com/x0rz/phishing_catcher.git

Then you need to install the following the following python packages installed: certstream, tqdm, entropy, termcolor, tld, python_Levenshtein.

pip install -r requirements.txt

Then to execute run the following command.

python catch_phishing.py

In the list, we can see how it can exfiltrate the data based on the suspicious score.

Author: x0rz

Advantages

Early detection of misissued certificates, malicious certificates, and rogue CAs.
Faster mitigation of suspect certificates or CAs is detected.
Better oversight of the entire TLS/SSL system.