Miteru : An Experimental Phishing Kit Detection Tool

Miteru is an experimental phishing kit detection tool. Following are the features that can be used for the tool;

  • Phishing kit detection & collection.
  • Slack notification.
  • Threading.

How it works?

Also Read : Mquery : YARA Malware Query Accelerator

Installation

$ gem install miteru

Usage

$ miteru
Commands:
miteru execute # Execute the crawler
miteru help [COMMAND] # Describe available

commands or one specific command

$ miteru help execute
Usage:
miteru execute

Options:
[–auto-download], [–no-auto-download] # Enable or disable auto-download of phishing kits
[–directory-traveling], [–no-directory-traveling] # Enable or disable directory traveling
[–download-to=DOWNLOAD_TO] # Directory to download file(s)
# Default: /tmp
[–post-to-slack], [–no-post-to-slack] # Post a message to Slack if it detects a phishing kit
[–size=N] # Number of urlscan.io’s results. (Max: 10,000)
# Default: 100
[–threads=N] # Number of threads to use
# Default: 10
[–verbose], [–no-verbose]
# Default: true

Execute the crawler
$ miteru execute

https://dummy1.com: it doesn’t contain a phishing kit.
https://dummy2.com: it doesn’t contain a phishing kit.
https://dummy3.com: it doesn’t contain a phishing kit.
https://dummy4.com: it might contain a phishing kit (dummy.zip).

Using Docker (alternative if you don’t install Ruby)

$ git clone https://github.com/ninoseki/miteru.git
$ cd miteru/docker
$ docker build -t miteru .
$ docker run miteru
ex. auto-download detected phishing kit(s) into host machines’s /tmp directory
$ docker run -v /tmp:/tmp miteru execute –auto-download

Aasciinema Cast

Note

For using --post-to-slack feature, you should set the following environment variables:

  • SLACK_WEBHOOK_URL: Your Slack Webhook URL.
  • SLACK_CHANNEL: Slack channel to post a message (default: “#general”).
R K

Recent Posts

Log Analysis Fundamentals

Introduction In cybersecurity and IT operations, logging fundamentals form the backbone of monitoring, forensics, and…

3 hours ago

Networking Devices 101: Understanding Routers, Switches, Hubs, and More

What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…

17 hours ago

Sock Puppets in OSINT: How to Build and Use Research Accounts

Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…

18 hours ago

What is SIEM? Complete Guide to Security Information and Event Management

Introduction As cyber threats grow more sophisticated, organizations need more than just firewalls and antivirus…

1 day ago

Website OSINT: Tools and Techniques for Reconnaissance

Introduction When it comes to cybersecurity and ethical hacking, one of the most effective ways…

2 days ago

Top OSINT Tools to Find Emails, Usernames and Passwords

Introduction In the world of cybersecurity, knowledge is power. One of the most powerful skillsets…

2 days ago