Driven by the realization that modern phishing has evolved into a game of psychological precision, we built PhishForensics to expose threats that bypass both human perception and standard filters. While researching homograph attacks, where Cyrillic characters are used to mimic legitimate domains, we understood that a "zero-click" sandbox was necessary to make these invisible threats visible through mathematical analysis rather than simple text matching.

We engineered a high-speed pipeline using FastAPI and React to deconstruct suspicious content, identify hidden redirect chains, and flag visual impersonations. The surrounding ecosystem includes a Chrome extension for safe previews and an admin SOC dashboard for enterprise monitoring. The core engine uses Shannon entropy, H(X) = -Σ P(x_i) log2 P(x_i), to detect procedurally generated domains, and Levenshtein distance to catch brand spoofing by calculating the edit distance between URLs and known entities.

Despite the 24-hour hackathon limit, we overcame complex hurdles such as SPA routing 404 errors on Vercel and CORS issues between the extension and backend, and integrated three distinct platforms into a unified forensic loop. Our journey proved that heuristics are superior to static blacklists for catching "Zero-Day" attacks. We plan to scale PhishForensics by integrating LLM-based sentiment analysis and headless browser screenshots to safely visualize phishing pages without risk to the user.
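The entropy and edit-distance heuristics described above can be sketched as follows. This is an added example, not PhishForensics' own code: the brand list, thresholds and function names are assumptions chosen for illustration, and it goes one step beyond the two formulas by adding a mixed-script check for the Cyrillic homograph case.

```python
import math
import unicodedata
from collections import Counter

# Constructed brand list and thresholds; assumptions, not PhishForensics' own values.
KNOWN_BRANDS = ["paypal", "google", "microsoft", "amazon"]
ENTROPY_THRESHOLD, MAX_EDIT_DISTANCE = 3.5, 2  # bits per character, edits

def shannon_entropy(s: str) -> float:
    """H(X) = -sum P(x_i) * log2 P(x_i) over the characters of s."""
    if not s:
        return 0.0
    n = len(s)
    return -sum((c / n) * math.log2(c / n) for c in Counter(s).values())

def levenshtein(a: str, b: str) -> int:
    """Edit distance via the two-row dynamic-programming table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def scripts(label: str) -> set:
    """Unicode scripts of the letters in label, taken from character names."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in label if ch.isalpha()}

def analyze(hostname: str) -> dict:
    """Score the second-to-last label of a hostname (naive split, no public-suffix list)."""
    parts = hostname.lower().rstrip(".").split(".")
    label = parts[-2] if len(parts) >= 2 else parts[0]
    if label.startswith("xn--"):  # decode punycode so homographs become visible
        try:
            label = label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            pass  # malformed A-label: score the raw ASCII form
    entropy = shannon_entropy(label)
    brand, dist = min(((b, levenshtein(label, b)) for b in KNOWN_BRANDS), key=lambda t: t[1])
    found = scripts(label)
    flags = []
    if entropy > ENTROPY_THRESHOLD:
        flags.append("high_entropy")
    if 0 < dist <= MAX_EDIT_DISTANCE:  # distance 0 is the real brand, not a spoof
        flags.append(f"lookalike:{brand}")
    if len(found) > 1:
        flags.append("mixed_script")
    return {"label": label, "entropy": round(entropy, 3), "nearest": brand, "distance": dist, "flags": flags}
```

Short labels cap the achievable entropy (a label of n characters cannot exceed log2 n bits), so the entropy threshold only separates long random-looking labels and should be tuned against real traffic.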
