The challenge was to fight phishing themed emails and links containing malicious/suspicious domains. As public in general do not have the knowledge to analyse the reputation of these domains we have created DROPi, a web-based or Firefox/Chrome extension for your browser that will pop up an alarm if one of the domains we collect is visited, and will alert the user to proceed with extra caution.
What it does
It content matches the domains visited with an active list of new/old registered domains that may contain suspicious activity about COVID-19 and/or phishing links.
How We built it
It has been built using the languages/frameworks/APIs listed below, we will publish the Github once we finish brushing everything up.
Accomplishments that We are proud of
It works! And we may have created something people can actually use and prevent them from falling victim of a phishing email or a credential harvesting website.
What We learned
Teamwork, how to properly manage a project since creation to the very end. Plus creating a PoC!
What's next for DROPi
Share with our friends and continue updating the phishing list with new COVID-19 threats.
Special thanks to Ryan, without his amazing work pulling the domains and making it public accessible this project could not have been possible. His repository: https://github.com/littl3field/DodgyDomainsBot
Domain tools list on phishing domains is also included.
Not all domains flagged are malicious, as we do not have a pro license to content match against VirusTotal or Urlscan APIs, as such we cannot be 100% sure on that.