Ayashige provides a list of suspicious newly registered domains as a JSON feed.
- It collects newly registered domains via WebAnalyzer & WhoisDS.
- It computes a suspicious score of a given domain.
- The scoring rule comes from x0rz/phishing_catcher.
- It stores suspicious domains into a Redis instance.
- It provides suspicious domains as a JSON via
/feed
endpoint.
git clone https://github.com/ninoseki/ayashige
bundle install --path vendor/bundle
Please set following environmental values before using.
REDIS_HOST = YOUR_REDIS_HOST
REDIS_PORT = YOUR_REDIS_PORT
REDIS_PASSWORD = YOUR_REDIS_PASSWORD
bundle exec ruby bin/web_analyzer_job.rb
bundle exec ruby bin/whoisds_job.rb
- The jobs collects the latest registered domains from WebAnalyzer & WhoisDS.
- It checks a suspicious score of a given each domain and stores a suspicious one into a Redis instance.
bundle exec puma config.ru
-
Notes:
- This app is hosted on Heroku free dyno.
- The Cron job is triggered at 20:00 UTC+0 every day.
- The data in the Redis instance will expire after 48 hours.
- I'm running this app just as a hobby and I cannot assure its consistency.
Bug reports and pull requests are welcome on GitHub at https://github.com/ninoseki/ayashige.
The gem is available as open source under the terms of the MIT License.