​Identifying phishing links

​Identifying phishing links

The attentiveness of users when clicking on links to counter phishing attacks is important, but companies themselves should not sit idly by. By scanning the logs of the server on which the site is located, the owners can find such phishing links and try to block or notify users of their presence.

A good software for such scanning is PhishingKitHunter. It analyzes the server log file for links that try to copy pages and/or other files from the main site. The program saves all reports in a separate CSV file.

Installation:

Using

The program has only three options. The log file is added using the -i key, after which the path is specified. To save the output file, use -o. You also need to set the configuration file using the -c key.

Example command: python PhishingKitHunter.py -i logs.log -o report.csv -c conf/defaults.conf

To view the results: cat report.csv