phishing
Want to piss off your IT department? Are your links not malicious looking enough?
This is a tool that takes any link and makes it look malicious. It works on the idea of a redirect. Much like https://tinyurl.com/ for example. Where tinyurl makes an url shorter, this site makes it look malicious.
Related contents:
Repository of Yara rules dedicated to Phishing Kits Zip files.
This repository, dedicated to Phishing Kits zip files YARA rules, is based on zip raw format analysis to find directories and files names, you don't need yara-extend there.
Related contents:
phishing, scam and brand impersonation detection – StalkPhish – We provide B2B tools, data and knowledge for a better phishing and brand impersonation detection.
StalkPhish-OSS is a tool created for searching into free OSINT databases for specific phishing kits URL. StalkPhish-OSS was made for phishing pages detection. More, StalkPhish-OSS is designed to try finding phishing kits sources.
Related contents:
Timely. Accurate. Relevant Phishing Intelligence.
Related contents:
The Web-Email Spear Phishing Toolkit. An open-source phishing toolkit to simulate real-world phishing attacks that comprise phishing email and website.
SniperPhish (SP in short) is a phishing toolkit for pentester or security professionals to enhance user awareness by simulating real-world phishing attacks. SniperPhish helps to combine both phishing emails and phishing websites you created to centrally track user actions. The tool is designed in a view of performing professional phishing exercise and would be reminded to take prior permission from the targeted organization to avoid legal implications.
Phishing & Scam Domain Blacklist.
An up-to-date blacklist of phishing and scam domains, automatically updated by the PhishDestroy system. A reliable threat intelligence source for integration into security systems.
PhishTool gives human analysts the power to reverse engineer phishing emails, to better defend against them. PhishTool is to phishing emails as a disassembler is to malware or a forensic toolkit is to file systems.
Related contents:
Where companies get their teams secured.
Riot is the leading employee security posture management platform, keeping thousands of the world's leading companies safe from hackers.
Related contents:
AntiSquat leverages AI techniques such as natural language processing (NLP), large language models (ChatGPT) and more to empower detection of typosquatting and phishing domains.
Related contents:
l'humain au cœur de la cybersécurité. La sensibilisation à la cybersécurité réinventée qui divise par 10 le risque de cyberattaque
A l’aide d’un programme de sensibilisation au phishing basé sur l’apprentissage par l’action, créé sur mesure pour chaque utilisateur et animé sur la durée sans intervention de votre part
Swordphish is a platform allowing to create and manage fake phishing campaigns.
The goal of Swordphish is to raise awareness of your users regarding phishing easily and in a secure way.
Related contents:
PhishTool automatically retrieves all of the relevant metadata from a phishing email, providing you with the most comprehensive technical view of a phishing email possible. This combined with our OSINT and heuristic detection, makes PhishTool one seriously powerful tool.
EvilnoVNC is a Ready to go Phishing Platform.
Unlike other phishing techniques, EvilnoVNC allows 2FA bypassing by using a real browser over a noVNC connection.
In addition, this tool allows us to see in real time all of the victim's actions, access to their downloaded files and the entire browser profile, including cookies, saved passwords, browsing history and much more.
Check if an IP address or domain is malicious.
isMalicious is a cybersecurity API that helps protect your web applications from malicious or suspicious actors.
phishing domain scanner.
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation. See what sort of trouble users can get in trying to type your domain name. Find lookalike domains that adversaries can use to attack you. Can detect typosquatters, phishing attacks, fraud, and brand impersonation. Useful as an additional source of targeted threat intelligence.
Related contents:
Stop trying to avoid phishing. Choose a weapon and fight it...
PhishTool gives human analysts the power to reverse engineer phishing emails, to better defend against them. PhishTool is to phishing emails as a disassembler is to malware or a forensic toolkit is to file systems.
HookPhish is a Python script designed to aid in the detection of phishing websites. It performs various checks on suspected URLs to identify potential threats.
An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !
Related contents:
Open-Source Phishing Framework
Gophish is a powerful, open-source phishing framework that makes it easy to test your organization's exposure to phishing.
Sources: