An Experimental Phishing Kit Detection Tool

Published on May 17th, 2019

Miteru is an experimental phishing kit detection tool.

How it works

  • It collects phishy URLs from the following feeds:
  • It checks whether each phishy URL has directory listing enabled and contains a phishing kit (a compressed file).
    • Note: compressed file = *.zip, *.rar, *.7z, *.tar and *.gz.
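
The check described above, sketched as an added example (not Miteru's own code): given a fetched page body, decide whether it is an open directory listing and return any linked archives with the extensions listed. The "Index of /" title heuristic, the function names and the sample HTML are assumptions made for illustration.

```ruby
require "uri"

# Archive extensions the page lists as possible phishing kits.
KIT_EXTENSIONS = %w[.zip .rar .7z .tar .gz].freeze

# Constructed sample: an Apache-style auto-index page (not real data).
SAMPLE_INDEX = <<~HTML
  <html><head><title>Index of /secure</title></head><body>
  <h1>Index of /secure</h1>
  <a href="?C=N;O=D">Name</a>
  <a href="/">Parent Directory</a>
  <a href="login/">login/</a>
  <a href="office365.zip">office365.zip</a>
  <a href="backup.tar.gz">backup.tar.gz</a>
  <a href="index.php">index.php</a>
  <a href="http://other.example/x.zip">mirror</a>
  </body></html>
HTML

# Constructed sample: an ordinary page that merely links to an archive.
SAMPLE_PAGE = '<html><head><title>Sign in</title></head>' \
              '<body><a href="kit.zip">download</a></body></html>'

# Assumed heuristic: auto-generated listings carry an "Index of /path" title.
def directory_listing?(html)
  html.match?(%r{<title>\s*Index of\s+/}i)
end

# Absolute URLs of same-host archive files linked from a directory listing.
def kit_candidates(base_url, html)
  return [] unless directory_listing?(html)

  base = URI.parse(base_url)
  html.scan(/<a\s[^>]*href\s*=\s*["']([^"']+)["']/i).flatten.filter_map do |href|
    next if href.start_with?("?", "#") # column-sort links and anchors
    begin
      target = base.merge(href)
    rescue URI::Error
      next                             # skip malformed hrefs
    end
    next unless target.host == base.host # ignore off-site links
    target.to_s if KIT_EXTENSIONS.include?(File.extname(target.path).downcase)
  end.uniq
end

puts kit_candidates("http://phish.example/secure/", SAMPLE_INDEX) if __FILE__ == $PROGRAM_NAME
```

A page that links to an archive but is not a directory listing returns no candidates, which keeps ordinary download pages out of the results.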

Features

Installation

Usage

$ miteru
Commands:
  miteru execute         # Execute the crawler
  miteru help [COMMAND]  # Describe available commands or one specific command
$ miteru help execute
Usage:
  miteru execute

Options:
  [--auto-download], [--no-auto-download]              # Enable or disable auto-download of phishing kits
  [--directory-traveling], [--no-directory-traveling]  # Enable or disable directory traveling
  [--download-to=DOWNLOAD_TO]                          # Directory to download file(s)
                                                       # Default: /tmp
  [--post-to-slack], [--no-post-to-slack]              # Post a message to Slack if it detects a phishing kit
  [--size=N]                                           # Number of urlscan.io's results. (Max: 10,000)
                                                       # Default: 100
  [--threads=N]                                        # Number of threads to use
                                                       # Default: 10
  [--verbose], [--no-verbose]
                                                          # Default: true

Execute the crawler
$ miteru execute
...
https://dummy1.com: it doesn't contain a phishing kit.
https://dummy2.com: it doesn't contain a phishing kit.
https://dummy3.com: it doesn't contain a phishing kit.
https://dummy4.com: it might contain a phishing kit (dummy.zip).

Using Docker (an alternative if you don’t want to install Ruby)

$ git clone https://github.com/ninoseki/miteru.git
$ cd miteru/docker
$ docker build -t miteru .
$ docker run miteru
# e.g. auto-download detected phishing kit(s) into the host machine's /tmp directory
$ docker run -v /tmp:/tmp miteru execute --auto-download

Asciinema cast

Note
To use the --post-to-slack feature, set the following environment variables:

  • SLACK_WEBHOOK_URL: Your Slack Webhook URL.
  • SLACK_CHANNEL: Slack channel to post a message (default: “#general”).

Alternatives
