jeopardize
https://github.com/utkusen/jeopardize
Target Audience: Defense
The Jeopardize tool was developed to provide basic threat intelligence and response capabilities against phishing domains at the lowest possible cost. It detects registered phishing domain candidates (typosquatting, homograph, etc.), analyzes them and assigns each a risk score. It then sends valid-looking credentials to the login forms on those phishing sites. The main goals are to confuse the attackers and to buy organizations some time to take precautions.
Detailed Explanation of Tool:
Why? Imagine this scenario: an attacker registers a phishing domain, acmebnak.com (a typosquat of acmebank), copies the original acmebank.com login form onto it and advertises the domain via sponsored tweets. The ad and the domain will probably be marked as phishing the next day, but by then the attacker has already harvested credentials from users. Taking the domain down at that point won't help the affected users. Jeopardize provides a proactive solution to this problem: it jeopardizes the phishing form with valid-looking credentials to confuse the attacker. This buys organizations some time to take precautions.
ATTACKER+-----advertises+
                        |                                    +---------------+
                        |                                    |               |
               +--------v-------+   +----------------+       |               |
               |twitter.com/ads |   |acmebnak.com    |       | 549233/ahs72  +------>FAKE
               +----------------+   +----------------+       |               |
               |                |   |                |       | 398273/pass1  +------>FAKE
               |   AcmeBank     +-->+  username:     +-------+               |
               |   Tax Refunds  |   |  password:     |       | 393823/sm283  +------>LEGIT
               |                |   |                |       |               |
               +--------^-------+   +----------------+       | 394837/azerb  +------>FAKE
                        |                    ^               |               |
VICTIM USER+-----clicks-+                    |sends          |               |
                                             |fake creds     +---------------+
                                             +
                                        JEOPARDIZE
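The detection step described above (spotting registered typosquatting and homograph candidates such as acmebnak.com) can be sketched as follows. This is an added example, not Jeopardize's own code; the technique names, the small look-alike map and the sample feed of registered domains are constructed assumptions.

```python
# Added example (not Jeopardize's code): flag look-alike registrations of a
# protected domain and name the technique that links each one to the brand.

# Small constructed look-alike map: Cyrillic letters that render like Latin ones.
CONFUSABLES = {"\u0430": "a", "\u0435": "e", "\u043e": "o",
               "\u0441": "c", "\u0440": "p"}

def skeleton(label):
    """Fold look-alike characters so a homograph compares equal to the brand."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in label.lower())

def classify(brand, cand):
    """Return the technique linking cand to brand, or None if unrelated."""
    if cand == brand:
        return None                      # the legitimate label itself
    if skeleton(cand) == brand:
        return "homograph"               # checked before single-char edits
    n, m = len(brand), len(cand)
    if n == m:
        diff = [i for i in range(n) if brand[i] != cand[i]]
        if len(diff) == 1:
            return "substitution"
        if (len(diff) == 2 and diff[1] == diff[0] + 1
                and brand[diff[0]] == cand[diff[1]]
                and brand[diff[1]] == cand[diff[0]]):
            return "transposition"       # two adjacent characters swapped
    if m == n - 1 and any(brand[:i] + brand[i + 1:] == cand for i in range(n)):
        return "omission"
    if m == n + 1 and any(cand[:i] + cand[i + 1:] == brand for i in range(m)):
        return "insertion"
    return None

def scan(protected, observed):
    """Map each flagged domain in observed to its technique (same TLD only)."""
    brand, _, tld = protected.partition(".")
    hits = {}
    for domain in observed:
        label, _, dtld = domain.partition(".")
        technique = classify(brand, label) if dtld == tld else None
        if technique:
            hits[domain] = technique
    return hits

# Constructed sample feed of newly registered domains (not real data).
FEED = ["acmebnak.com", "acmebamk.com", "acmbank.com", "acmeebank.com",
        "\u0430cmebank.com", "example.com", "acmebank.com"]

if __name__ == "__main__":
    for domain, technique in scan("acmebank.com", FEED).items():
        print(f"{domain!a:28} {technique}")
```

Domains flagged this way are only candidates; deciding which ones actually host a copied login form is the analysis and risk-scoring step the description mentions.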
Developer Bio: Utku Sen is a security researcher who is mostly focused on application security, network security and tool development. He has presented his tools and research at Black Hat USA Arsenal, DEF CON Demo Labs, Packet Hacking Village and Recon Village in recent years. He was also nominated for a Pwnie Award in the "Best Backdoor" category in 2016. He is currently working for HackerOne.