https://github.com/andpalmier/letsgophishing

Given a list of URLs find phishing pages and kits. "So long and thanks for all the phish 🎣"
https://github.com/andpalmier/letsgophishing

golang phishing-kit phishing-kits

Last synced: 6 days ago
JSON representation

Given a list of URLs find phishing pages and kits. "So long and thanks for all the phish 🎣"

• Host: GitHub
• URL: https://github.com/andpalmier/letsgophishing
• Owner: andpalmier
• License: other
• Created: 2020-05-31T14:37:19.000Z (over 4 years ago)
• Default Branch: master
• Last Pushed: 2021-12-17T15:39:37.000Z (about 3 years ago)
• Last Synced: 2024-11-14T11:16:15.402Z (2 months ago)
• Topics: golang, phishing-kit, phishing-kits
• Language: Go
• Homepage:
• Size: 234 KB
• Stars: 0
• Watchers: 2
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# LetsGoPhishing



  

  


    

    

    

  


This tool was written to inspect a list of URLs and check if they are hosting phishing pages by looking at the `title` tag in the retrieved page and at `URL/admin/` (where usually are located the panels of known phishing kits, eg. 16shop). `letsgophishing` makes use of the goroutines and channels to parallelize the requests.

## Usage

Build the executable with `go build lgphish.go`. Then:

```

$ cat urls | lgphish -o output -r 100 -c config.json

-o: path to output file containing only suspicious URLs

-r: number of goroutines to create

-c: path to config file (json format)

```

## Config.json

An example of config file is provided in `config.json`; you can create your own config and specify the path with `-c`.

The config file allows to specify:

- `SuspiciousTitles`: if the `title` attribute of the HTML page at the specified URL contains one of the string in this array, the URL will be considered as suspicious.

- `KitsTitles`: if the `title` attribute of the HTML page at `/admin/` contains one of the string in this array, the URL could host a phishing kit.