Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T1EDE2DB636244137313A302D3F62E73DAE7118095DB17171195FE819CB7B9E66AA333CA |
|
CONTENT
ssdeep
|
768:DsGIFdV8ck9ns/cp0yShS1TFiGT7j8rHWr3TRz:5K78pns/cp05S1TFZaHQRz |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
c36d96389371c6c5 |
|
VISUAL
aHash
|
003970283830303c |
|
VISUAL
dHash
|
dfc3c7dacac0e2ec |
|
VISUAL
wHash
|
617b79383838387e |
|
VISUAL
colorHash
|
38000038000 |
|
VISUAL
cropResistant
|
dfc3c7dacac0e2ec |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.