Skip to content
A tool designed to traverse phishing URL paths to search for phishing kit source code.
Branch: master
Clone or download
Latest commit 3f976c3 Jun 8, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
LICENSE Create LICENSE Feb 13, 2019 altered output directory and logging May 13, 2019
requirements.txt update to packages May 13, 2019



The tool will traverse a URL path to find open directories. If found, it will then look for any zip/txt/exe files and download them. The likelihood is these files will contain the phishing source code, victim logs and possibly malware. You can supply a list of urls in a text file, or by default the code will connect to phishtank and parse the latest known phishing urls.

Additionally, the tool will also attempt to guess the name of the .zip, as commonly this is the same as the current URI folder, e.g.


Run the script without any arguments to use the latest URLs from


Else, you can pass a list of URLs and specify the folder where you'd like to save results

python --input urls.txt --output /phishing/kit/folder


phishfinder example


$ pip install -r requirements.txt


Updates planned include:

  • Brute-forcing for files using the directory as the filename
  • Brute-forcing of victim log files from common txt file naming conventions
  • Speed up the requests and use threading
  • Resolve issue where a successful guess downloads a file, followed by an Open Directory download
You can’t perform that action at this time.