- This is what I built. Dark, clean, and honestly kind of fun to look at. You paste something in, it tells you if it smells off.
- A fake PayPal email I tested it on. You can see exactly why it got flagged — no black box, just the reasons, laid out.
- Tried a raw IP-based link, the kind real phishing uses. It lit up immediately. That moment felt good — it actually works.
- The brain behind the email scanner. I spent the most time here — tuning what counts as suspicious without flagging everything.
- The URL logic. Each rule has a weight I picked based on how much it actually tells you. No AI guessing, just reasoning I can defend.
- I kept the rules in JSON on purpose. If I spot a new phishing phrase tomorrow, I just add it here. No code, no retraining.
- The list of suspicious TLDs and shady URL shorteners I learned to watch for. Kept it human-readable so I can keep adding to it.
- Every scan gets logged like a real security alert would. I wanted it to feel like a SOC feed, even if it's just me running it.
- This is where the web app lives. Small, clean, does its job. The actual detection doesn't need Flask — this is just the face of it.
- I kept the frontend simple on purpose. No React, no build tools. Plain JavaScript that just works.
- The first time it all came together and ran. Server up, tests passing, logs writing. Small moment, but I'll remember it.
Inspiration
Phishing attacks are one of the most common cybersecurity threats and are often the entry point for larger breaches. I wanted to better understand how these attacks work and how security teams detect them in real-world environments.
What it does
PhishGuard AI is a phishing detection system that analyzes emails and URLs to identify potential threats. It uses rule-based heuristics and machine learning techniques to assign risk scores and simulate security alerts.
How I built it
I built the project using Python, implementing a rule-based detection engine to identify suspicious patterns such as urgent language, domain mismatches, and IP-based URLs. I then integrated a machine learning model to improve detection accuracy. The system also includes logging and alerting features to simulate SOC workflows.
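An added example, not PhishGuard AI's own code, of a weighted rule engine of the kind described above: rules live in JSON, each hit adds its weight, and every score comes back with the reasons behind it. The rule names, weights, phrases, TLDs, shorteners and brand domain are constructed assumptions.

```python
import ipaddress
import json
import re
from urllib.parse import urlsplit

# Constructed rule set: every weight, phrase, TLD and domain below is an assumption.
RULES = json.loads("""{
  "ip_host":        {"weight": 40},
  "suspicious_tld": {"weight": 20, "values": ["zip", "top", "xyz"]},
  "shortener":      {"weight": 15, "values": ["bit.ly", "tinyurl.com"]},
  "brand_mismatch": {"weight": 35, "brands": {"paypal": "paypal.com"}},
  "urgent_phrase":  {"weight": 10, "values": ["verify your account", "act now"]}
}""")

def is_ip_host(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def score_url(url):
    """Return (score, reasons) for a single URL; score is capped at 100."""
    try:
        host = (urlsplit(url).hostname or "").lower().rstrip(".")
    except ValueError:  # malformed URL, e.g. an unterminated IPv6 literal
        host = ""
    hits = []
    if is_ip_host(host):
        hits.append(("ip_host", "host is a raw IP address"))
    elif host.rsplit(".", 1)[-1] in RULES["suspicious_tld"]["values"]:
        hits.append(("suspicious_tld", "suspicious TLD in " + host))
    if host in RULES["shortener"]["values"]:
        hits.append(("shortener", "URL shortener hides the destination"))
    for brand, legit in RULES["brand_mismatch"]["brands"].items():
        if brand in host and host != legit and not host.endswith("." + legit):
            hits.append(("brand_mismatch", f"'{brand}' in host but not {legit}"))
    return min(sum(RULES[r]["weight"] for r, _ in hits), 100), [why for _, why in hits]

def score_email(text):
    """Score body text: urgent phrases plus every URL found in it."""
    lowered, score, reasons = text.lower(), 0, []
    for phrase in RULES["urgent_phrase"]["values"]:
        if phrase in lowered:
            score += RULES["urgent_phrase"]["weight"]
            reasons.append(f"urgent phrase: '{phrase}'")
    for url in re.findall(r"https?://\S+", text):
        url_score, url_reasons = score_url(url.rstrip(".,)>"))
        score, reasons = score + url_score, reasons + url_reasons
    return min(score, 100), reasons
```

The brand check accepts the brand's own domain and its subdomains, so `www.paypal.com` scores zero while a host that merely contains the brand name is flagged.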
Challenges I ran into
One of the main challenges was balancing simplicity with accuracy in detection. Creating effective rules without generating too many false positives required careful tuning. Integrating machine learning and ensuring meaningful results was also a key learning experience.
What I learned
Through this project, I gained hands-on experience with phishing detection techniques, log analysis, and building security-focused applications. I also learned how detection systems in SOC environments are designed and implemented.