Detailed analysis of captured phishing page
Used to detect similar phishing pages based on HTML content
| Algorithm | Hash Value |
|---|---|
|
CONTENT
TLSH
|
T16B810571A159E83392B7E6E19D69A35F76C6834DDE9313061BFC93CD07EAD98CD02002 |
|
CONTENT
ssdeep
|
96:Tp4q4b9J6ZaFS9zqPK9xdtEXkE3EEqXCyyASQgZK+1zsZW9j9:+q4b9JCa09zqy9xdtEXkE3EEqXCyyzsK |
Used to detect visually similar phishing pages based on screenshots
| Algorithm | Hash Value |
|---|---|
|
VISUAL
pHash
|
9bcc3333cc33cc86 |
|
VISUAL
aHash
|
083c3c3c3c0c0418 |
|
VISUAL
dHash
|
102a3030285a4830 |
|
VISUAL
wHash
|
0c3c3c3c3c3c243c |
|
VISUAL
colorHash
|
07000000c00 |
|
VISUAL
cropResistant
|
102a3030285a4830 |
Victim enters username and password into fake login form. Credentials are captured via JavaScript and exfiltrated to attacker's server in real-time.
Victim is prompted for 2FA code after entering credentials. The code is intercepted and used by attacker to access victim's account in real-time.