What is certstream
CertStream is an intelligence feed that gives you real-time updates from the Certificate Transparency Log network, allowing you to use it as a building block to make tools that react to new certificates being issued in real time.
And by using this we are going to catch phishing sites using certstream SSL certificate live streaming.
Steps to catch phishing sites
- First open your terminal and clone into this url with following command:
git clone https://github.com/x0rz/phishing_catcher.git
- Go to your downloaded directory with cd phishing_catcher
- Install required dependencies with pip install -r requirements.txt
- Finally run the program with python catch_phishinh.py and it will start showing list of malicious phishing sites by using live certstream SSL certificate
Caught the malicious phishing site
And below you can see we got some fake Apple sites with similar looking interface
So by using following instructions you can be aware of malicious phishing sites and protect yourself to be their victim also remember to always look for the HTTPS in the URL