mitchellkrogza/Phishing.Database mitchellkrogza/Phishing.Database

  • Stars
    star
    1,039
  • Rank 42,683 (Top 0.9 %)
  • Language
    Shell
  • License
    MIT License
  • Created about 6 years ago
  • Updated 3 days ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
mitchellkrogza/Phishing.Database
github

mitchellkrogza

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Phishing Domains, urls websites and threats database. We use the PyFunceble testing tool to validate the status of all known Phishing domains and provide stats to reveal how many unique domains used for Phishing are still active.

Phishing Domain Status Testing Repo

Phishing Domain Database Follow @PhishFindr

NOTICE: Do Not Clone the repository and rely on Pulling the latest info !!!

This WILL BREAK daily due to a complete reset of the repository history every 24 hours. Please rely ONLY on pulling individual list files or the full list of domains in tar.gz format and links in tar.gz format (updated hourly) using wget or curl.

SPONSORS
Tines SponsorshipLimacharlie Sponsorship
REPO BECOME A SPONSOR
DUB Your logo and link to your domain will appear here if you become a sponsor. Simply email me on [email protected] if you would like to sponsor this project as South Africa is not supported yet under the Github sponsor program.
Follow @PhishFindR Help Support Me at https://ko-fi.com/mitchellkrog

Version: V.2023-08-27.03

💥 Latest Threats
@ 03:32:17		 💥 Active Threats
Sunday 2023-08-27		 Total Links
Discovered Today
⚠️ 34 ⚠️ 598 394

Total Phishing Domains Captured: 569494 << (FILE SIZE: 4.8M tar.gz)

Total Phishing Links Captured: 1022581 << (FILE SIZE: 22M tar.gz)

Purpose of this repo?

A Testing Repository for Phishing Domains, Web Sites and Threats. Above are results of Domains that have been tested to be Active, Inactive or Invalid. These Lists update hourly. This is just one of a number of extensive projects dealing with testing the status of harmful domain names and web sites. We test sources of Phishing attacks to keep track of how many of the domain names used in Phishing attacks are still active and functioning. We sort all domains from all sources into one list, removing any duplicates so that we have a clean list of domains to work with.

Additions

Add Phishing Domains

To add domains to this database send a Pull Request on the file https://github.com/mitchellkrogza/phishing/blob/main/add-domain

  • include the domain name only (no http / https)

Add Phishing Urls / Links

To add links / urls to this database send a Pull Request on the file https://github.com/mitchellkrogza/phishing/blob/main/add-link

  • Include the full link

Do Not Make Pull Requests for Additions in this Repo !!!

Please Send PR's to above files

PR > https://github.com/mitchellkrogza/phishing

Define an Active Status

We define ACTIVE domains or links as any of the HTTP Status Codes Below. All the following HTTP status codes we regard as ACTIVE or still POTENTIALLY ACTIVE.

  • ACTIVE HTTP Codes
- 100
- 101
- 200
- 201
- 202
- 203
- 204
- 205
- 206
  • POTENTIALLY ACTIVE HTTP Codes
- 000
- 300
- 301
- 302
- 303
- 304
- 305
- 307
- 403
- 405
- 406
- 407
- 408
- 411
- 413
- 417
- 500
- 501
- 502
- 503
- 504
- 505
  • POTENTIALLY INACTIVE HTTP Codes
- 400
- 402
- 403
- 404
- 409
- 410
- 412
- 414
- 415
- 416

Criminals planting Phishing links often resort to a variety of techniques like returning a variety of HTTP failure codes to trick people into thinking the link is gone but in reality if you test a bit later it is often back.

Our System also tests and re-tests anything flagged as INACTIVE or INVALID.

How do you test?

We make use of the awesome PyFunceble Testing Suite written by Nissar Chababy. Over many years in development this testing tool really provides us with a reliable source of active and inactive domains and through regular testing even domains which are inactive and may become active again are automatically moved back to the active list. Read More about PyFunceble

Contributing

If you have a source list of phishing domains or links please consider contributing them to this project for testing? Simply send a PR adding your input source details and we will add the source.

Please Remove my Domain From This List !!

If your domain was listed as being involved in Phishing due to your site being hacked or some other reason, please file a False Positive report it unfortunately happens to many web site owners.

Make sure to include links in your report to where else your domain / web site was removed and whitelisted ie. Phishtank / Openphish or it might not be removed here at all.

Some Domains from Major reputable companies appear on these lists?

Lots of Phishing, Malware and Ransomware links are planted onto very reputable services. We automatically remove Whitelisted Domains from our list of published Phishing Domains.

We do NOT however remove these and enforce an Anti-Whitelist from our phishing links/urls lists as these lists help other spam and cybersecurity services to discover new threats and get them taken down. Please send a PR to the Anti-Whitelist file to have something important re-included into the Phishing Links lists. The Anti-Whitelist only filters through link (url) lists and not domain lists.

Keep Threat Intelligence Free and Open Source

We are firm believers that threat intelligence on Phishing, Malware and Ransomware should always remain free and open source. Open disclosure of any criminal activity such as Phishing, Malware and Ransomware is not only vital to the protection of every internet user and corporation but also vital to the gathering of intelligence in order to shut down these criminal sites. Selling access to phishing data under the guises of "protection" is somewhat questionable.

Buy me Coffee

Contributors

License

MIT License

Copyright (c) 2018-2023 Mitchell Krog - github.com/mitchellkrogza
Copyright (c) 2018-2023 Nissar Chababy - github.com/funilrys

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

More Repositories

1

nginx-ultimate-bad-bot-blocker

Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders
Shell
3,602
star
2

apache-ultimate-bad-bot-blocker

Apache Block Bad Bots, (Referer) Spam Referrer Blocker, Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites, Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
C
732
star
3

The-Big-List-of-Hacked-Malware-Web-Sites

This repository contains a list of all web sites I come across that are either hacked with or purposefully hosting malware, ransomware, viruses or trojans.
Shell
248
star
4

Fail2Ban.WebExploits

This custom Fail2Ban filter and jail will deal with all scans for common Wordpress, Joomla and other Web Exploits being scanned for by automated bots and those seeking to find exploitable web sites.
Shell
159
star
5

Fail2Ban-Blacklist-JAIL-for-Repeat-Offenders-with-Perma-Extended-Banning

A customised jail with action and filter file for Fail2Ban. This jail is based on the recidive jail but makes use of a simple text file to enable extended and permanent bans.
144
star
6

Badd-Boyz-Hosts

A hosts file for use on any operating system to block bad domains out of your servers or devices.
Shell
102
star
7

linux-server-administration-scripts

Simple bash administration scripts for Linux to make your life easier.
Shell
60
star
8

fail2ban-useful-scripts

A collection of useful scripts for automation of & easing maintenance of Fail2Ban
Shell
46
star
9

phishing

Central Repository for Adding Domains / Links to the Phishing.Database project - https://github.com/mitchellkrogza/Phishing.Database/
41
star
10

Suspicious.Snooping.Sniffing.Hacking.IP.Addresses

A daily updated list of suspicious, snooping, sniffing and hacking attempts from IP addresses against services like SSH, HTTP and Wordpress Hack Attempts
Shell
38
star
11

Stop.Google.Analytics.Ghost.Spam.HOWTO

How to stop Google Analytics "Ghost" Spam using a well curated list of spam referrer domains and web sites. Simple and easy to use with instructions for creating Segments in Google Analytics using our google-exclude files.
Shell
29
star
12

Badd-Boyz-Bitcoin-Scammers

A list of bitcoin addresses being used in Ransomware and Sextortion Scams
13
star
13

Travis-CI-Nginx-for-Testing-Nginx-Configuration

How to get Travis CI to test Nginx code including nginx.conf, vhosts and custom nginx code you have written and need to test using Travis CI's build checker.
Shell
11
star
14

Travis-CI-for-Apache-For-Testing-Apache-and-PHP-Configurations

How to get Travis CI to test Apache code including vhosts and custom apache code like .htaccess rules or other scripts you have written and need to test using Travis CI's build checker.
Shell
11
star
15

Top-Attacking-IP-Addresses-Against-Wordpress-Sites

Lists of the top attacking IP addresses trying to hack or compromise Wordpress web sites.
Shell
8
star
16

Global-List-Facebook-Groups-Keyword-Moderation-Alerts

The Global List of Facebook Groups Keywords for Moderation Alerts
Shell
5
star
17

phisherman

Extensible open source phishing incident response automation
Java
4
star
18

scripts

Scripts for servers, desktops, fun
Python
2
star
19

fail2ban-wiki

Fail2Ban Wiki Contributions
2
star
20

Badips.com-Hosts-File-Generator

A simple shell script to pull a daily list of known bad hosts from badips.com and create an /etc/hosts.deny file for you. Only hosts with a level 5 (bad) are pulled daily from badips.com
Shell
2
star
21

CoinBlockerLists

Simple lists that can help prevent cryptomining in the browser or other applications.
1
star