Phishing catcher is python scripting for Catching malicious phishing domain names using certstream https://certstream.calidog.io/ SSL certificates live stream.
Background and What is Certificate Transparency?:
Google’s Certificate Transparency project fixes several structural flaws in the SSL certificate system, which is the main cryptographic system that underlies all HTTPS connections. These flaws weaken the reliability and effectiveness of encrypted Internet connections and can compromise critical TLS/SSL mechanisms, including domain validation, end-to-end encryption, and the chains of trust set up by certificate authorities. If left unchecked, these flaws can facilitate a wide range of security attacks, such as website spoofing, server impersonation, and man-in-the-middle attacks.
phishing_catcher
One of the problems is that there is currently no easy or effective way to audit or monitor SSL certificates in real time, so when these missteps happen (malicious or otherwise), the suspect certificates aren’t usually detected and revoked for weeks or even months. What’s more, these types of SSL missteps are occurring with increasing frequency. Over the past few years there have been numerous instances of misissued certificates being used to spoof legitimate sites, and, in some case, install malicious software or spy on unsuspecting users.
Dependencies:
+ Python 2.7.x
+ entropy==0.10, certstream==1.7 & tqdm==4.19.4 python module
Usage:
git clone https://github.com/x0rz/phishing_catcher && cd phishing_catcher pip install -r requirements.txt ./catch_phishing.py
Source: https://github.com/x0rz | https://blog.0day.rocks/catching-phishing-using-certstream-97177f0d499a