Author

Topic: Tool For Catch Phishing (Read 419 times)

hero member
Activity: 2240
Merit: 537
FREE passive income eBook @ tinyurl.com/PIA10
March 26, 2020, 07:20:54 AM
#14
I’ve been looking for this site on and off for a couple of days recently. I’d thought I’d find it quickly, remembering the existence of this thread, but looking over my merited posts is rather futile to find posts. I’ve now resorted to bookmarking it, as it is a nice tool that goes a long way to show just how easy it is to make a type mismatch and end up on some spooky site.


True dat. If we're lucky, Chrome might give us a heads up but it's pretty much a cat-and-mouse game between the good and bad hackers.
legendary
Activity: 2338
Merit: 10802
There are lies, damned lies and statistics. MTwain
March 26, 2020, 04:40:19 AM
#13
I’ve been looking for this site on and off for a couple of days recently. I’d thought I’d find it quickly, remembering the existence of this thread, but looking over my merited posts is rather futile to find posts. I’ve now resorted to bookmarking it, as it is a nice tool that goes a long way to show just how easy it is to make a type mismatch and end up on some spooky site.
legendary
Activity: 2366
Merit: 2054
March 26, 2020, 12:22:59 AM
#12
I am suggesting for owner website to subscribe dnstwister, when someone already made similarly will notify by email
legendary
Activity: 2506
Merit: 1394
January 11, 2020, 03:06:09 AM
#11
(....)
Happy hunting and don't forget to report https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en
Additional sites for reporting some phishing websites or scam website is this: https://cryptoscamdb.org/report (new) or this: https://etherscamdb.info/report (old)
These websites has also list of some identified phishing or scams about cryptocurrency websites.
I also using these websites after reporting it to the google's safebrowsing website.
legendary
Activity: 2366
Merit: 2054
January 10, 2020, 11:58:44 PM
#10
I don't think if it's fine to post this tool here what do you think?
I am good.
No problem to me when remove this tool purpose to avoid scammer using it. I am posted because of helping phishing hunter to find and reporting malicious site.
legendary
Activity: 3374
Merit: 3095
Playbet.io - Crypto Casino and Sportsbook
January 10, 2020, 02:18:16 PM
#9
This tool dnstwister.report is interesting it can also find the Punycode domains which are available and not yet registered to any domain provider.

I don't think if it is good to put this tool here because they can use that tool to make a fake/phishing website(it means it also helps scammers to find Punycode domain)

Take a look at this one as a sample that I found from that tool

Code:
https://xn--bitcointal-2wb.org

If you enter that domain to chrome and firefox browser the result will be bitcointalķ.org no difference to the original website (orig:bitcointalk.org) the only thing you will notice is the letter k if you check the URL carefully. And the Punycode domain is very cheap to register to any domain provider.

I don't think if it's fine to post this tool here what do you think?
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
January 10, 2020, 11:47:00 AM
#8
The way newbie users get alerted about phishing web site also important. If software browser like Firefox or anti virus software alert users when they visit phishing web site, then it will save a lot of users from scam.
That would be good but some alerts from anti virus software is not accurate all the time. Sometimes the alerts are not what the software says. I suggest you use the provided tips and tools to use catching phishing sites to avoid getting phished without you knowing that your info are already taken.
newbie
Activity: 11
Merit: 0
January 10, 2020, 07:09:29 AM
#7
The way newbie users get alerted about phishing web site also important. If software browser like Firefox or anti virus software alert users when they visit phishing web site, then it will save a lot of users from scam.
legendary
Activity: 2366
Merit: 2054
January 10, 2020, 12:12:30 AM
#6
Guide to using phishing_catcher on Linux/ubuntu terminal

Requirement:

- Python2 or Python3

Code:
git clone https://github.com/x0rz/phishing_catcher.git

Code:
cd phishing_catcher

Code:
pip install -r requirements.txt

Running catcher
Code:
./catch_phishing.py




I got a lot Suspicious link. Let's try your self, dwyor
hero member
Activity: 2366
Merit: 838
December 15, 2019, 08:18:01 PM
#5
Welcome to my collection, DroomieChikito. You did a great guide.
legendary
Activity: 2366
Merit: 2054
December 15, 2019, 07:08:22 PM
#4
Good job man. I have been searching this type tools for long time. And today I have found something which maybe help me. And I have tried the first one. It looks good and cool.
Np, when you have good knowledge, you can run code by looking for suspicious TLS certificate issuances

https://github.com/x0rz/phishing_catcher

Phishing catcher using Certstream.
CertStream is getting data from the Certificate Transparency Log (CTL) to monitor for suspicious keywords.
https://blog.0day.rocks/catching-phishing-using-certstream-97177f0d499a

Tool for monitoring similar web are goods for exchange and wallet developer to avoid phishing.

report some phishing sites or scam/fake : https://etherscamdb.info/.
What do when we report it?, I see website like:
Code:
https://siawallet.io/
http://ethcharity.net/
Those are Still active. We have to report it to https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en first then https://etherscamdb.info before someone confuse to clicking the link on table.
legendary
Activity: 2506
Merit: 1394
December 15, 2019, 05:46:24 PM
#3
Every day we fund the phishing website always burning and try to scam people. I did a lot of catch of them and reported on safe browsing google
(...)
Great,  I'm a little bit surprised coz this kind of website exist, thank to you.
Btw, here's another website where we can report some phishing sites or scam/fake : https://etherscamdb.info/.
It's also about crypto where you can see some list of scam sites like phishing sites.
BUT, the best report we can do is to report on their particular registrar, it is much better to be take down immediately, emailing them will do, just provide the link of suspected scam/phishing website.
legendary
Activity: 2436
Merit: 1189
Need Campaign Manager?PM on telegram @sujonali1819
December 15, 2019, 08:45:41 AM
#2
Good job man. I have been searching this type tools since long time. And today I have found something which maybe help me. And I have tried the first one. It looks good and cool.
legendary
Activity: 2366
Merit: 2054
December 15, 2019, 08:04:54 AM
#1
Every day we fund the phishing website always burning and try to scam people. I did a lot of catch of them and reported on safe browsing google

What tool to find it?

https://dnstwister.report/



dnstwister is a good tool to find a similar domain and find potential phishing. We can subscribe and alert us when someone makes the same domain.
For example, I put localbitcoins.com on the following box




https://dnstwister.report/search?ed=6c6f63616c626974636f696e732e636f6d

Well, we can see 438 domains similar to localbitcoins.com and 242 domains resolved to an IP address.
Not at all online and Phishing, maybe was reported and when checking it one by one some people still selling similar domain and other one make referal into localbitcoins.



Another one to check phishing site is https://www.phishtank.com/





and sometimes I use https://www.virustotal.com/gui/home/search [insert IP address on box to find relation domain]





Happy hunting and don't forget to report https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en

Jump to: