PhishingKit-Yara-Rules – StalkPhish – phishing and brand impersonation detection

Category: PhishingKit-Yara-Rules

Using Phishing-Kit-Yara-Rules project for phishing kits detection and triage

By StalkPhish on 08/17/202108/17/2021

Since some months now, we maintain specific Yara rules to detect phishing kit sources (.zip files). Phishing kits sources are sometimes left on the host serving phishing pages. Using the StalkPhish project (see https://stalkphish.com/products/stalkphish/) we used to collect phishing kits in order to extract e-mails addresses, Telegram channels (see https://stalkphish.com/2020/12/14/how-phishing-kits-use-telegram/), and so on. In order

Posted in: phishing, phishing kit, PhishingKit-Yara-Search, python, Stalkphish, tool, virustotal, yara

phishing phishing kit PhishingKit-Yara-Rules Stalkphish

Phishing kit using Google sheet to exfiltrate stolen data

By StalkPhish on 04/09/202104/09/2021

Analysis of a Facebook phishing kit which exfiltrate stolen data to an online Google Sheet using ajax POST method.

Posted in: facebook

phishing PhishingKit-Yara-Rules Stalkphish

Several domain names, one protected redirector, one phishing campaign.

By StalkPhish on 03/03/202103/24/2021

Sometimes phishing campaigns are not conduced with phishing kits only, actors behind those phishing campaigns can use different tricks to prevent their work being takedown, as using protected web redirectors.

Posted in: dhl, redirector

Last Blog Posts: StalkPhish - phishing and brand impersonation detection

Using Phishing-Kit-Yara-Rules project for phishing kits detection and triage

How-to use StalkPhish.io

StalkPhish.io is a SaaS application which provides enriched data about potential phishing URL or brand impersonation use, with a REST API.