Catching phishing sites with certstream logs


What is certstream

CertStream is an intelligence feed that gives you real-time updates from the Certificate Transparency Log network, allowing you to use it as a building block to make tools that react to new certificates being issued in real time.
And by using this we are going to catch phishing sites using certstream SSL certificate live streaming.

Steps to catch phishing sites
  • First open your terminal and clone into this url with following command: 
git clone https://github.com/x0rz/phishing_catcher.git

  • Go to your downloaded directory with cd phishing_catcher

  • Install required dependencies with pip install -r requirements.txt

  • Finally run the program with  python catch_phishinh.py and it will start showing list of malicious phishing sites by using live certstream SSL certificate 

Caught the malicious phishing site
And below you can see we got some fake Apple sites with similar looking interface 

 So by using following instructions you can be aware of malicious phishing sites and protect yourself to be their victim also remember to always look for the HTTPS in the URL

Comments

Popular posts from this blog

USB forensic : Find the history of every connected USB device on your computer

Crawling pastebin to find specific pastedump

Hack WinRAR password by using Brute force attack

Fileless malware Analysis with Cuckoo sandbox

Web application penetration testing: Tools and Techniques for web security auditing