abwhose icon indicating copy to clipboard operation
abwhose copied to clipboard

Published 20 hours ago verified publisher icon bradleyjkemp

Report to phishing lists

Open mimi89999 opened this issue 2 years ago • 4 comments

Hello, Would it be possible to add reporting to phishing lists using their APIs?

mimi89999 avatar Sep 26 '21 19:09 mimi89999

Hey @mimi89999 have you tried phish.report for this?

Most phishing lists (at least any good ones) require an API key to submit to. As an open source tool, I can't include API keys in abwhose but (as it has a server-side component) phish.report can include keys and so submits to quite a few phishing lists.

Did you have any particular phishing lists in mind?

bradleyjkemp avatar Sep 26 '21 21:09 bradleyjkemp

No, but I saw that Netcraft's API doesn't require an API key: https://report.netcraft.com/api/v3 Google's Safe browsing also has an API endpoint that doesn't require a key coded in https://github.com/chromium/suspicious-site-reporter, but I don't know if it can be used.

I tried phish.report, but I would like to have an API for reporting phishing sites.

mimi89999 avatar Sep 26 '21 21:09 mimi89999

Out of interest, why is an API so important to you? It's something on the roadmap for phish.report but more for integrating with other tools. Did you want to do some sort of fully-automated detection+reporting system?

bradleyjkemp avatar Sep 27 '21 14:09 bradleyjkemp

Hello,

Sorry for the late reply.

Yes, I have a small script running on my computer that is automatically detecting phishing sites. I then check all detected sites manually and report them.

mimi89999 avatar Dec 31 '21 19:12 mimi89999