{"id":16471179,"url":"https://github.com/tanaybhadula/phishing-website-detection","last_synced_at":"2025-07-21T03:34:42.178Z","repository":{"id":60938140,"uuid":"546696739","full_name":"TanayBhadula/phishing-website-detection","owner":"TanayBhadula","description":"A web application to predicted whether a URL/Website is phishing or not by extracting its lexical features.","archived":false,"fork":false,"pushed_at":"2022-10-06T21:51:57.000Z","size":1550,"stargazers_count":5,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-16T23:24:23.246Z","etag":null,"topics":["classification","descision-tree","flask","machine-learning","pandas","phishing-detection","python","random-forest","scikit-learn","stacking-classifier","svm-classifier","xgboost"],"latest_commit_sha":null,"homepage":"","language":"Jupyter Notebook","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/TanayBhadula.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-10-06T13:52:36.000Z","updated_at":"2025-02-15T11:41:22.000Z","dependencies_parsed_at":"2022-10-07T03:33:17.122Z","dependency_job_id":null,"html_url":"https://github.com/TanayBhadula/phishing-website-detection","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/TanayBhadula/phishing-website-detection","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TanayBhadula%2Fphishing-website-detection","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TanayBhadula%2Fphishing-website-detection/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TanayBhadula%2Fphishing-website-detection/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TanayBhadula%2Fphishing-website-detection/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/TanayBhadula","download_url":"https://codeload.github.com/TanayBhadula/phishing-website-detection/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TanayBhadula%2Fphishing-website-detection/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266235564,"owners_count":23897181,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["classification","descision-tree","flask","machine-learning","pandas","phishing-detection","python","random-forest","scikit-learn","stacking-classifier","svm-classifier","xgboost"],"created_at":"2024-10-11T12:12:50.982Z","updated_at":"2025-07-21T03:34:42.157Z","avatar_url":"https://github.com/TanayBhadula.png","language":"Jupyter Notebook","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n# :mag_right: Lexical Features Based Phishing URL Detection\n\n## Objective\nA phishing website is a common social engineering method that mimics trustful uniform resource locators (URLs) and webpages. The objective of this project is to train machine learning models and deep neural nets on the dataset created to predict phishing websites. Both phishing and benign URLs of websites are gathered to form a dataset and from them required URL and website content-based features are extracted. The performance level of each model is measures and compared.\n\n## Data Collection\nTo perform phishing website classification, the Phishing Websites Data Set of the UCI machine learning repository is used. It contains 31 columns that have 30 features and a target variable which has the label. The target variable has\ntwo classes denoting whether the website is legitimate or phishing. The dataset contains data of 11,055 legitimate and phishing \n\n* Link - https://drive.google.com/file/d/1fWv_tUD301Iex0Cx4T6_oQ2vE0nKY6TH/view?usp=sharing\n\n## Feature Extraction\nThe features often used in phishing classification may be divided into two groups, as illustrated below.\n\n* Lexical based features if URL\n* Page based features\n\nTo locate URL-based characteristics, the feature extractor first analyses the website's URL. We retrieved the following URL-based characteristics.\n* URL containing IP address\n* URL length\n* Shortening of URL\n* URL having “@” symbol\n* Redirecting using “//”\n* Prefix/suffix\n* Having subdomain in URL\n* HTTPS (SSL)\n* Domain registration length\n* Favicon\n* Port\n* HTTPS token\n* Request URL\n* URL of anchor\n* Links present in tags\n* SFH\n* Submitting to email\n* Abnormal URL\n* Redirection\n* OnMouseOver event\n* Right Click function\n* Pop up window\n* IFrame\n* Domain Age\n* DNS Record\n* Traffic of Website\n* Page Rank\n* Google Index\n* Links pointing to page\n* Statistical Report\n\n## Models \u0026 Training\n\nBefore stating the ML model training, the data is split into 80-20 i.e., 8844 training samples \u0026 2211 testing samples. From the dataset, it is clear that this is a supervised machine learning task. There are two major types of supervised machine learning problems, called classification and regression.\n\nThis data set comes under classification problem, as the input URL is classified as phishing (-1) or legitimate (1). The supervised machine learning models (classification) considered to train the dataset in this project are:\n\n* Decision Tree\n* Random Forest\n* XGBoost\n* StackingClassifier\n* Support Vector Machines\n\n## Block Diagram\n\u003cp align=\"center\"\u003e\n    \u003cimg alt=\"Block Diagram\" src=\"./image/block.png\" width=\"80%\"/\u003e\n\u003c/p\u003e\n\n## Run\n- Clone this Repository: `git clone https://github.com/TanayBhadula/phishing-website-detection.git`\n- `cd phishing-website-detection/`\n- `pip3 install -r requirements.txt`\n- Now run, `python3 app.py`   \n- Then you will see the below screen, enter the URl in search to find if its legitimate or phishing.\n- \n## Implementation images\n\u003cp align=\"center\"\u003e\n    \u003cimg alt=\"phishing images\" src=\"./image/phishing.png\" width=\"80%\"/\u003e\n\u003c/p\u003e\n\u003cp align=\"center\"\u003e\n    \u003cimg alt=\"legitimate images\" src=\"./image/legitimate.png\" width=\"80%\"/\u003e\n\u003c/p\u003e\n\n## End Results\nFrom the obtained results of the above models, XGBoost Classifier has highest model performance of 97.4%, and Stacking Classifier gave 96% accuracy. \n\n### Next Steps\n\nThis project can be further extended to creation of browser extention or developed a GUI which takes the URL and predicts it's nature i.e., legitimate of phishing.  \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftanaybhadula%2Fphishing-website-detection","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftanaybhadula%2Fphishing-website-detection","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftanaybhadula%2Fphishing-website-detection/lists"}