phishing – StalkPhish – phishing and brand impersonation detection

Using Phishing-Kit-Yara-Rules project for phishing kits detection and triage

By StalkPhish on 08/17/202108/17/2021

Since some months now, we maintain specific Yara rules to detect phishing kit sources (.zip files). Phishing kits sources are sometimes left on the host serving phishing pages. Using the StalkPhish project (see https://stalkphish.com/products/stalkphish/) we used to collect phishing kits in order to extract e-mails addresses, Telegram channels (see https://stalkphish.com/2020/12/14/how-phishing-kits-use-telegram/), and so on. In order

Posted in: phishing, phishing kit, PhishingKit-Yara-Search, python, Stalkphish, tool, virustotal, yara

phishing phishing kit Stalkphish tool

How-to use StalkPhish.io

By StalkPhish

StalkPhish.io is a SaaS application which provides enriched data about potential phishing URL or brand impersonation use, with a REST API.

Posted in: Cybersecurity, phishing, phishing kit, Stalkphish

phishing phishing kit

How phishing kits uses Telegram

By StalkPhish on 12/14/202003/29/2021

More and more actors uses Telegram chat groups to exfiltrate harvested data, we’ll show you how we can collect informations about those actors. Let’s have a dive into one of this kits.

Posted in: Cybersecurity, Infosec, phishing, phishing kit, Stalkphish

phishing phishing kit

[Phishing Kit] ‘Israel’ Outlook Web App credentials stealer

By StalkPhish on 12/06/201903/24/2021

An analysis of a phishing kit found with StalkPhish tool. This phishing kit impersonating a professional Outlook login pattern and exfiltrate credentials on an online portal (FormBuddy)… with no success.

Posted in: formbuddy, outlook, perl, phishing

Tag: phishing

Using Phishing-Kit-Yara-Rules project for phishing kits detection and triage

How-to use StalkPhish.io

How phishing kits uses Telegram

[Phishing Kit] ‘Israel’ Outlook Web App credentials stealer