Report to phishing lists

[mimi89999]

Hello,
Would it be possible to add reporting to phishing lists using their APIs?

[bradleyjkemp]

Hey @mimi89999 have you tried phish.report for this?

Most phishing lists (at least any good ones) require an API key to submit to. As an open source tool, I can't include API keys in abwhose but (as it has a server-side component) phish.report can include keys and so submits to quite a few phishing lists.

Did you have any particular phishing lists in mind?

[mimi89999]

No, but I saw that Netcraft's API doesn't require an API key: https://report.netcraft.com/api/v3
Google's Safe browsing also has an API endpoint that doesn't require a key coded in https://github.com/chromium/suspicious-site-reporter, but I don't know if it can be used.

I tried phish.report, but I would like to have an API for reporting phishing sites.

[bradleyjkemp]

Out of interest, why is an API so important to you? It's something on the roadmap for phish.report but more for integrating with other tools. Did you want to do some sort of fully-automated detection+reporting system?

[mimi89999]

Hello,

Sorry for the late reply.

Yes, I have a small script running on my computer that is automatically detecting phishing sites. I then check all detected sites manually and report them.