The challenge was to fight phishing themed emails and links containing malicious/suspicious domains. As public in general do not have the knowledge to analyse the reputation of these domains we have created DROPi, a web-based or Firefox/Chrome extension for your browser that will pop up an alarm if one of the domains we collect is visited, and will alert the user to proceed with extra caution.
It content matches the domains visited with an active list of new/old registered domains that may contain suspicious activity about COVID-19 and/or phishing links.
All domains are validated against https://urlscan.io
It has been built using the languages/frameworks/APIs listed below, we will publish the Github once we finish brushing everything up.
It works! And we may have created something people can actually use and prevent them from falling victim of a phishing email or a credential harvesting website.
Teamwork, how to properly manage a project since creation to the very end. Plus creating a PoC!
Share with our friends and continue updating the phishing list with new COVID-19 threats.
Special thanks to Ryan, without his amazing work pulling the domains and making it public accessible this project could not have been possible. His repository: https://github.com/littl3field/DodgyDomainsBot Built With
api
bootstrap
c#
css
docker
dotnetty.common
entity-framework
framework
html5
javascript
jquery
microsoft.entityframeworkcore.sqlite
microsoft.entityframeworkcore.tools
microsoft.visualstudio.azure.containers.tools.targets
microsoft.visualstudio.web.codegeneration.design
rest
sql
Try it out