The tool will traverse a URL path to find open directories. If found, it will then look for any zip/txt/exe files and download them. The likelihood is these files will contain the phishing source code, victim logs and possibly malware. You can supply a list of urls in a text file, or by default the code will connect to phishtank and parse the latest known phishing urls.
Additionally, the tool will also attempt to guess the name of the .zip, as commonly this is the same as the current URI folder, e.g.
Run the script without any arguments to use the latest URLs from http://data.phishtank.com/data/online-valid.json
Else, you can pass a list of URLs and specify the folder where you'd like to save results
python phishfinder.py --input urls.txt --output /phishing/kit/folder
$ pip install -r requirements.txt
Updates planned include:
Brute-forcing for files using the directory as the filename
- Brute-forcing of victim log files from common txt file naming conventions
- Speed up the requests and use threading
Resolve issue where a successful guess downloads a file, followed by an Open Directory download