Name: Phishing Catcher
Rating: 9 (1 reviews)
Author: Open Source

Customer Engagement

Help Desk

Web and Video Conferencing

Customer Support

Continuous Integration

Development

Online Proctoring Software

Education

Association Management

Business Intelligence (BI)

Collaboration

Contract Analysis

Data Analytics  and BI Services

Document Generation

File Sync

Enterprise

Accounting

Trust Management

Finance and Accounting

Applicant Tracking

Corporate Learning Management

Corporate Volunteering

HR Management

Payroll

Recruitment Agency

Succession Planning

Talent Intelligence

Talent Management

Workforce Analytics

Workforce Management

Human Resources

AIOps

API Design

Asset Tokenization

Cloud Storage

Container Management

DevOps

Disk Based Backup

Fraud Detection

Hadoop-Related

Integrated Development Environment (IDE)

Integration Platform as a Service (iPaaS)

Managed Private Cloud

Network Access Control (NAC)

Network Performance Monitoring

Relational Database Management Systems

Requirements Management

SSL Certificate

Tower Servers

Information Technology

A/B Testing

Ad Serving & Retargeting

All-in-One Marketing

Content Management

Content Marketing

Customer Loyalty Program

Digital Experience Platforms (DXP)

Email Marketing

Location Intelligence

Marketing Automation

Personalization Engines

Product Management

Social Media Management

Survey & Forms Building

Web Analytics

Marketing

AI Meeting Assistants

Email Signature

Project Management

Task Management

Professional Services

Customer Relationship Management (CRM)

Sales

Cloud Access Security Brokers

Data Loss Prevention

User and Entity Behavior Analytics (UEBA)

Security

Automotive

Catering

Church Management

Estate Planning

Hotel Management

Insurance Claims Management

Law Practice Management

Multiple Listing Service (MLS)

Vertical-Specific

Find top rated software and services based on in-depth reviews from verified users. 400+ software categories including PaaS, NoSQL, BI, HR, and more.

DNSTWIST

Open Source

YARA

Phishing Catcher by x0rz is a tool designed to detect and catch possible phishing domains in near real-time. According to the vendor, this solution caters to the needs of cybersecurity professionals, IT administrators, threat intelligence analysts, security operations centers, and financial institutions. With its advanced features and customizable configuration file, Phishing Catcher aims to provide a comprehensive solution to combat phishing attacks and safeguard sensitive information.

## Key Features

**Catch Phishing Domains**: According to the vendor, Phishing Catcher monitors TLS certificate issuances reported to the Certificate Transparency Log (CTL) via the CertStream API to detect and catch possible phishing domains in near real-time. Domain names are scored based on a configuration file to determine their level of suspicion.

**Configuration File**: The tool utilizes a simple YAML configuration file that allows users to assign scores to strings found in TLS certificate domain names. This customization enables adjustments or additions to strings and their corresponding scores. The configuration file includes two dictionaries: keywords and tlds, and assigns scores to strings found in the common name or SAN field of a TLS certificate.

**Scoring Algorithm**: Phishing Catcher employs a scoring algorithm to determine the level of suspicion for a domain name. According to the vendor, suspicious domains must meet or exceed specific thresholds: 65 for potential, 80 for likely, and 90 for suspicious. This scoring system aims to ensure accurate identification and reporting of phishing attempts.

**Support for Custom Config**: The tool supports the use of a custom configuration file as an override for the default configuration file. According to the vendor, this flexibility enables users to tailor the scoring system to their specific needs by adjusting or adding strings and scores.

**Simple Usage**: According to the vendor, Phishing Catcher is designed to be easy to use, requiring only a simple command to run the script. Once configured, usage is as simple as running the script, providing a user-friendly experience.

**Docker Container**: For users facing installation difficulties on macOS or other operating systems, Phishing Catcher offers the option to run the tool in a Docker container. According to the vendor, this alternative installation method aims to ensure seamless accessibility and usability.

Phishing Catcher is an open source threat hunting tool that allows a user to proactively search for potential phishing domains based on issued TLS certifications.

Phishing Catcher

Threat Hunting

Demo of Phishing Catcher

Threat Intelligence

Features for categories that leverage threat intelligence in network security

Network Analytics

Analyzes various data reports and logs (DNS, firewall, user data, security information etc.) to identify threats in a network.

Threat Recognition

Detection and recognition of malicious software within a network that could pose a threat to sensitive information.

Vulnerability Classification

Prioritizing vulnerabilities, to determine which vulnerabilities are most urgent and require a quicker resolution.

Automated Alerts and Reporting

Systems in place to automatically alert, report, or notify of issues that may need timely remediation.

Threat Analysis

Analyzing known factors such as behavior patterns, affected areas, and other specific features to more easily identify a threat.

Threat Intelligence Reporting

Generates reports that display information on threats (such as name, type, frequency of attack, area affected, etc.)

Automated Threat Identification

Leveraging multiple sources of information (such as threat intelligence databases) to automatically identify threats.

Threat Hunting Tools

Tools that actively scan a network for threats. These tools will commonly integrate with and use threat intelligence databases for threat identification and elimination.

Scanning for Vulnerabilities

Scans that identify vulnerable areas within a network.

Behavioral Analytics

Using threat behavior to establish a pattern which can be used to identify the similar threats faster in the future.

Endpoint Security

Endpoint security software protects enterprise connected devices from malware and cyber attacks.

Infection Remediation

Capability to quarantine infected endpoint and terminate malicious processes.

Anti-Exploit Technology

In-memory and application layer attack blocking (e.g. ransomeware)

TrustRadius is a technology and business research firm based in Austin, Texas. The company is known as a review platform for verified B2B technology and software reviews through a proprietary algorithm and human verification.

TrustRadius

Home

Phishing Catcher

Overview

What is Phishing Catcher?