Skip to content

Kali-ai007/phishguard

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
cli
cli
 
 
core
core
 
 
dashboard
dashboard
 
 
.env.example
.env.example
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
app.py
app.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

PhishGuard 🛡️

AI-powered phishing URL scanner with local LLM explanations

Python License DB AI

PhishGuard is an open-source phishing detection tool that combines 5 detection layers with a local Mistral 7B AI to explain threats in plain English — no cloud APIs, no data sharing, everything runs on your own hardware.

⚡ Features

  • 5-Layer Detection Engine — heuristics, phishing DB, WHOIS, DNS, AI analysis
  • 110,000+ Threat Entries — PhishTank + URLhaus + OpenPhish + Feodo Tracker
  • Local AI Explanations — Mistral 7B via Ollama, runs on your own GPU
  • Plain English Results — non-technical users understand exactly why a URL is dangerous
  • Web Dashboard — clean UI with scan history and live threat feed stats
  • Zero External APIs — fully offline capable, no data sent to third parties
  • CLI Support — scriptable for automation and pipelines

🔍 Detection Layers

Layer Description
Heuristics Engine Brand impersonation, typosquatting, suspicious TLDs, keywords, Base64 obfuscation
Phishing Database SQLite DB with 110K+ URLs from PhishTank, URLhaus, OpenPhish
WHOIS Age Checker Flags newly registered domains (common in phishing attacks)
DNS / IP Lookup Hosting provider analysis + Feodo botnet C2 IP checks
AI Analysis — Mistral 7B Local LLM explains WHY a URL is dangerous in plain English

🚀 Quick Start

Prerequisites

  • Python 3.10+
  • Ollama with mistral model (for AI explanations)

Install

git clone https://github.com/Kali-ai007/phishguard.git
cd phishguard
pip install -r requirements.txt

Configure

cp .env.example .env
# Edit .env with your settings

Run Web Dashboard

python3 app.py
# Open http://localhost:5000

Run CLI

python3 cli/phishguard.py "https://example.com"
python3 cli/phishguard.py "https://example.com" -v
python3 cli/phishguard.py --update
python3 cli/phishguard.py --stats
python3 cli/phishguard.py --history
python3 cli/phishguard.py --watch

🤖 AI Setup (Optional)

PhishGuard uses Mistral 7B running locally via Ollama for plain English explanations. No data leaves your machine.

# Install Ollama from https://ollama.com
ollama pull mistral

# Set in .env:
OLLAMA_BASE_URL=http://localhost:11434

Tested on NVIDIA RTX 4060 (8GB VRAM) — ~5 second response time.

📁 Project Structure

phishguard/
├── app.py                  # Flask web dashboard
├── cli/
│   └── phishguard.py       # CLI interface
├── core/
│   ├── heuristics.py       # 9-check heuristics engine
│   ├── phishing_db.py      # SQLite threat database
│   ├── scorer.py           # Main scoring pipeline
│   ├── llm_explainer.py    # Mistral 7B integration
│   ├── whois_checker.py    # Domain age checker
│   └── dns_lookup.py       # DNS/IP reputation
├── dashboard/
│   └── index.html          # Web UI
├── .env.example            # Environment template
└── requirements.txt

🔒 Security & Privacy

  • No API keys required for core functionality
  • All scanning runs locally
  • AI explanations via local Ollama — no cloud LLM calls
  • .env file excluded from version control

⚠️ Disclaimer

For defensive and security awareness purposes only.

📄 License

MIT License

About

Phishing URL scanner / detector

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages