Phishing APIs that power brand protection products and MSSPs

Rapid, high confidence detection of malicious sites. Our automated analysis tools and let you find and neutralise sites faster with more confidence.

Get started

Detect phishing kit TTPs

Classify known phishing kits and discover new variants

Our threat intelligence ruleset detects hundreds of technical indicators of phishing sites. From obfuscation techniques to C2 protocols, our ruleset accurately detects and identifies the techniques used by threat actors.

Millions of domains scanned every day.: Our rule engine can scan millions of websites a day, returning a high accuracy verdict in milliseconds.
Rapid alerts.: As soon as a new site matches signatures for your brand, we alert you—usually within minutes of them being created.
Tuning help from our detection engineers.: Our phishing experts are available to help you tune your rules and write new ones.

fake-chrome-error.yml

phishing-kit.yml

title: Fake Chrome error page
description: |
    The Chrome error page HTML is built into the browser: you should never see it in the response from a
    website.
    This is a clear sign that the site is employing cloaking/anti-analysis techniques.
references:
    - https://twitter.com/phish_report/status/1537825544343011328

detection:
    chromeHTMLFragments:
        html|contains|all:
            - '<body id="t" class="neterror" style="font-family: '
            - '<div id="main-frame-error" class="interstitial-wrapper" jstcache="0">'
    condition: chromeHTMLFragments