An automated Python tool for continuous monitoring of domain integrity, identifying active web hosting, and detecting potential phishing threats.
Phish Hunter is a collection of Python scripts designed to automate the monitoring of domains for active web hosting and potential phishing threats. It includes two main scripts: hunter.py for general domain monitoring and URLscan_hunter.py for detailed analysis using the URLScan.io API.
hunter.pycontinuously monitors domains, checks for phishing indicators, and logs findings.URLscan_hunter.pyintegrates with the URLScan.io API for an in-depth scan and analysis of each domain.- Domains are checked only once, with results logged to prevent redundant checks.
- Color-coded console output for clear visibility of domain status.
- Logs are maintained for both hosted domains and detected phishing indicators.
- Python 3.x
requestslibrary
Ensure entities.txt, domains_formats.txt, and indicators.txt are populated with the desired data before running the scripts.
To execute hunter.py:
python hunter.pyTo execute URLscan_hunter.py (requires an API key from URLScan.io):
python URLscan_hunter.py
hunter.py: The main Python script for domain monitoring.URLscan_hunter.py: Uses URLScan.io's API to perform detailed scans of domains.entities.txt: Contains the entities (e.g., domain names) to be monitored.domains_formats.txt: Contains domain formats to be checked for each entity.indicators.txt: Contains specific indicators to detect potential phishing attempts.output.txt: Auto-generated log file for domains confirmed to host a website.phishing_kit_hosted.txt: Auto-generated log file for domains with detected phishing indicators.requirements.txt: Lists the Python dependencies required for the script.
Contributions to this project are welcome. Please fork the repository and submit a pull request with your suggested changes.
This project is released under the MIT License.