GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → Viralmaniar → MurMurHash

Viralmaniar / MurMurHash

Licence: MIT license
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Programming Languages

python
139335 projects - #7 most used programming language

Labels

phishingmurmurhash3cybersecurityinfosecthreatintelmurmurhashblueteamsecurity-toolsthreat-intelligenceredteamingredteampurpleteamthreatintelligencephishing-detectionblueteamingthreathuntingproactive-security

Projects that are alternatives of or similar to MurMurHash

NIST-to-Tech
An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-22.78%)
Mutual labels:  cybersecurity, infosec, blueteam, redteam, purpleteam
OSINTBookmarks
OSINT Bookmarks for Firefox / Chrome / Edge / Safari
Stars: ✭ 34 (-56.96%)
Mutual labels:  cybersecurity, blueteam, redteaming, redteam, blueteaming
github-watchman
Monitoring GitHub for sensitive data shared publicly
Stars: ✭ 60 (-24.05%)
Mutual labels:  cybersecurity, infosec, blueteam, redteam, purpleteam
Slack Watchman
Monitoring your Slack workspaces for sensitive information
Stars: ✭ 159 (+101.27%)
Mutual labels:  cybersecurity, infosec, blueteam, redteam
goblin
一款适用于红蓝对抗中的仿真钓鱼系统
Stars: ✭ 844 (+968.35%)
Mutual labels:  phishing, cybersecurity, blueteam, redteam
Chatter
internet monitoring osint telegram bot for windows
Stars: ✭ 123 (+55.7%)
Mutual labels:  cybersecurity, infosec, threatintel, threat-intelligence
Stalkphish
StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
Stars: ✭ 256 (+224.05%)
Mutual labels:  phishing, infosec, threatintel, threat-intelligence
Spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+8611.39%)
Mutual labels:  cybersecurity, infosec, threatintel, threat-intelligence
pyc2bytecode
A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)
Stars: ✭ 70 (-11.39%)
Mutual labels:  cybersecurity, infosec, blueteam, threat-intelligence
ThePhish
ThePhish: an automated phishing email analysis tool
Stars: ✭ 676 (+755.7%)
Mutual labels:  phishing, cybersecurity, threat-intelligence, phishing-detection
Malware Feed
Bringing you the best of the worst files on the Internet.
Stars: ✭ 69 (-12.66%)
Mutual labels:  cybersecurity, infosec, threatintel, threat-intelligence
Gitlab Watchman
Monitoring GitLab for sensitive data shared publicly
Stars: ✭ 127 (+60.76%)
Mutual labels:  cybersecurity, infosec, blueteam, redteam
Cypheroth
Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.
Stars: ✭ 179 (+126.58%)
Mutual labels:  cybersecurity, blueteam, redteam
Malware-Sample-Sources
Malware Sample Sources
Stars: ✭ 214 (+170.89%)
Mutual labels:  cybersecurity, infosec, threat-intelligence
Misp Dashboard
A dashboard for a real-time overview of threat intelligence from MISP instances
Stars: ✭ 142 (+79.75%)
Mutual labels:  cybersecurity, threatintel, threat-intelligence
Malicious-Urlv5
A multi-layered and multi-tiered Machine Learning security solution, it supports always on detection system, Django REST framework used, equipped with a web-browser extension that uses a REST API call.
Stars: ✭ 35 (-55.7%)
Mutual labels:  phishing, cybersecurity, phishing-detection
TweetFeed
Collecting IOCs posted on Twitter
Stars: ✭ 181 (+129.11%)
Mutual labels:  phishing, blueteam, phishing-detection
Blue-Team-Notes
You didn't think I'd go and leave the blue team out, right?
Stars: ✭ 899 (+1037.97%)
Mutual labels:  cybersecurity, infosec, blueteam
Awesome Red Teaming
List of Awesome Red Teaming Resources
Stars: ✭ 4,223 (+5245.57%)
Mutual labels:  phishing, redteaming, redteam
Phishing catcher
Phishing catcher using Certstream
Stars: ✭ 1,232 (+1459.49%)
Mutual labels:  phishing, threatintel, threat-intelligence
View All Similar Projects ➔

MurMurHash

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

image

What is MurMurHash?

MurmurHash is a non-cryptographic hash function suitable for general hash-based lookup. The name comes from two basic operations, multiply (MU) and rotate (R), used in its inner loop. The current version is MurmurHash3 which yields a 32-bit or 128-bit hash value. When using 128-bits, the x86 and x64 versions do not produce the same values, as the algorithms are optimized for their respective platforms. MurmurHash3 was released alongside SMHasher—a hash function test suite.

Further reading on: https://en.wikipedia.org/wiki/MurmurHash

How to install?

git clone https://github.com/Viralmaniar/MurMurHash.git
cd MurMurHash
pip install -r requirements.txt
python MurMurHash.py

Detailed Blog:

https://isc.sans.edu/diary/Hunting+phishing+websites+with+favicon+hashes/27326

Hunting Phish Events for Paypal & Tesla:

After reading about hunting of phishing websites using favicon hashes I thought to generalise it to accept Favicon URLs for quick analysis on the Shodan.

Looking for a favicon icon file on the orginal website of Paypal:

image

Using MurMurHash.py file generating hash of the icon: image

Searching on Shodan for Paypal phishing domains/IPs:

Validating Shodan results:

image

image

Now, let's search for Tesla icon on the original site:

image

Searching on Shodan for Tesla phishing domains/IPs: image

image

Validating Shodan results:

image

Questions?

Twitter: @ManiarViral
LinkedIn: https://au.linkedin.com/in/viralmaniar

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].