Skip to content

jaygaikar-09/Hack-Secure-Hackathon-Project

BranchesTags

Repository files navigation

Phishing Detector Project

🚀 Quick Start

1. Start Backend API

cd "Phishing Detector Project\server"
npm install
npm start
  • Wait for: "Reputation loaded: X URLs from OpenPhish"
  • API runs at http://localhost:3000

2. Start Frontend

cd "Phishing Detector Project"
python -m http.server 8000
  • Open: http://localhost:8000/phishing.html

3. Test Detection

  • Click "Load: Urgent account reset" → "Scan"
  • Should show "Analysis via server" with risk score and reasons

📁 Project Structure

Phishing Detector Project/
├── phishing.html                    # Main frontend interface
├── server/                          # Backend API server
│   ├── index.js                    # Main server file with detection logic
│   ├── package.json                # Node.js dependencies
│   └── node_modules/               # Installed packages
├── Phishing_Detector_Documentation.md  # Complete technical documentation
└── README_Phishing_Detector.md     # Detailed setup and usage guide

🔍 Features

  • 9 Rule-Based Heuristics: Detects urgency, credentials, payment requests, etc.
  • 7 URL Analysis Rules: Checks TLDs, obfuscation, lookalikes, etc.
  • Real-time Reputation: OpenPhish feed integration
  • Explainable AI: Shows exactly why content was flagged
  • Responsive Design: Works on mobile and desktop
  • Graceful Fallback: Works even if backend is down

📊 Detection Rules

Rule Score Purpose
Urgency +15 "urgent", "24 hours", "suspended"
Credentials +20 "verify account", "reset password"
Payment +20 "gift card", "wire transfer", "SSN"
Loan Bait +12 "instant loan", "pre-approved"
UPI/KYC/OTP +10 Indian SMS scam markers
Generic Greeting +8 "Dear customer" instead of real name
Attachments +12 ".zip", ".exe", "attached file"
Brand Spoofing +8 "Microsoft", "PayPal", "Google"
Spelling Errors +6 "acount", "veriffy", "recieve"

🎯 Risk Levels

  • 🟢 Low Risk: 0-29 points
  • 🟡 Medium Risk: 30-59 points
  • 🔴 High Risk: 60+ points

📚 Documentation

  • Complete Documentation: Phishing_Detector_Documentation.md
  • Setup Guide: README_Phishing_Detector.md
  • API Reference: See documentation for endpoint details

🛠️ Development

Adding New Rules

  1. Edit server/index.js
  2. Add regex pattern and scoring logic
  3. Restart backend: npm start
  4. Test with sample cases

Customization

  • Modify detection rules in evaluateMessage() and evaluateUrl()
  • Add new reputation feeds in refreshOpenPhish()
  • Update UI styling in phishing.html

🚀 Deployment

Local Development

  • Backend: http://localhost:3000
  • Frontend: http://localhost:8000/phishing.html

Production

  • Deploy backend to Node.js hosting (Heroku, Railway, etc.)
  • Deploy frontend to static hosting (Netlify, Vercel, etc.)
  • Update API_URL in frontend code

📞 Support

For technical issues or questions:

  1. Check the complete documentation
  2. Verify backend is running: http://localhost:3000/health
  3. Check browser console for errors
  4. Ensure all dependencies are installed

Built with ❤️ for cybersecurity education and protection

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages