Skip to content
Visualize networks of phishing by querying the API
Branch: master
Clone or download
Latest commit 0218293 Dec 6, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
.gitignore Initial commit Nov 19, 2019
LICENSE Initial commit Nov 19, 2019 Changelog update Dec 6, 2019 Add technology to URL Dec 6, 2019
requirements.txt First commit Nov 19, 2019


Visualize networks (pyvis) of phishing by querying the API


v0.1 - Initial release

v0.2 - Shodan integration

v0.3 - Technologies used to build the website/phishing

This code was built using python 2.7 and then changed to python 3. The only difference is the way prints are made, everything else works fine on both versions.

Main purpose is to query API and create a graph network where nodes are: URL, website title, hostname, domain, IP, country, ASN (autonomous system number) and ISP. A maximum of the last 100 results are returned and used to create the network.

PS: the output file is a .html to be opened in a browser. If you run this tool on a server you won't be able to see the graph network.

Download git clone

Into directory cd phishstats-api-network/

Install packages pip3 install -r requirements.txt

Usage: field operator search

Usage examples: title eq facebook (for phishing with title facebook) title like ~facebook~ (for phishing with anything+facebook+anything) ip eq (for phishing with a specific IP address) tld eq br (for phishing with .br domains) countrycode eq br (for phishing hosted in Brazil) title asn eq as13335 (for phishing using Cloudflare) title isp like ~cloudflare~ (for phishing using Cloudflare - slower than the above) title like ~brandyouwanttofind~ (change it for brands you know are being targeted) url like ~brandyouwanttofind~ (change it for brands you know are being targeted)

How is the output?

Example 1

You can’t perform that action at this time.