Phishing is one of the most common problems for Internet Users, hackers find a new innovative method to create believable URL’s to trick users. According to Google research, more than 15% accounts hijacked by using these social engineering methods.
With Recent Google research, they found 12.4 million potential victims of phishing kits; and 1.9 billion usernames and passwords exposed via data breaches and traded on black market forums.
In this Kali Linux Tutorial, we are to introduce phishing_catcher that catches Phishing domain SSL using Live stream.
Also Read: DEFCON -2017 Hackers Presentation Complete PDF Lists with Advance Hacking Techniques
CertStream is an intelligence feed that provides you real-time data feed that fetched from the Certificate Transparency Log network aims at increasing safety with TLS certificates. Most importantly CT was put in the place to defend mis-issuance.
It allows you to use it as a building block to make tools that react to new certificates being issued in real time.
To install Phishing catcher use the following command
git clone https://github.com/x0rz/phishing_catcher.git
Then you need to install the following the following python packages installed: certstream, tqdm, entropy, termcolor, tld, python_Levenshtein.
pip install -r requirements.txt
Then to execute run the following command.
python catch_phishing.py
In the list, we can see how it can exfiltrate the data based on the suspicious score.
Author: x0rz
Early detection of misissued certificates, malicious certificates, and rogue CAs.
Faster mitigation of suspect certificates or CAs is detected.
Better oversight of the entire TLS/SSL system.
Cybersecurity researchers and red teamers, a newly released tool named CefEnum is shedding light on…
Russian threat actors have been leveraging trusted cloud infrastructure platforms like Oracle Cloud Infrastructure (OCI)…
A critical security vulnerability has been discovered in Netwrix Password Secure, a widely used enterprise…
Cisco Talos has uncovered active exploitation of a zero-day remote-code-execution vulnerability, identified as CVE-2025-0994, in…
The Foundation for Defense of Democracies (FDD) and cybersecurity firm TeamT5 has exposed an intricate…
A sophisticated social engineering campaign that leverages the viral power of TikTok to distribute dangerous…