cat > README.md << 'EOF'
PhisPox is a comprehensive email security tool designed to detect and analyze phishing attempts in real-time. Built for cybersecurity professionals, IT administrators, and security-conscious users.
Created by: Kaif Shaikh
- ✅ Real-time Phishing Detection - Analyzes emails for malicious patterns
- ✅ Gmail API Integration - Automated inbox scanning
- ✅ Web Dashboard - Beautiful visualization of threats
- ✅ Multi-Vector Analysis - URL inspection, sender verification, content analysis
- ✅ Risk Scoring System - Intelligent threat classification (High/Medium/Low)
- ✅ Email Forwarding Service - Forward suspicious emails for instant analysis
- ✅ Notification System - Slack, Discord, and browser alerts
- ✅ Historical Analytics - Track phishing trends over time
- ✅ SQLite Database - Local storage of scan results
PhisPox detects:
- 🎣 Phishing Keywords - "verify account", "urgent action required", etc.
- 🌐 Suspicious Domains - Lookalike domains, suspicious TLDs (.tk, .ml, .xyz)
- 🔗 Malicious URLs - IP-based URLs, URL shorteners, redirect chains
- 👤 Sender Spoofing - Display name manipulation, domain mismatches
- ⏰ Urgency Tactics - Psychological manipulation detection
- 📧 Email Authentication - SPF, DKIM, DMARC verification
- 🚨 Zero-day Patterns - Behavior-based detection
# Clone repository
git clone https://github.com/YOUR_USERNAME/phisprox.git
cd phisprox
# Create virtual environment
python3 -m venv venv
source venv/bin/activate
# Install dependencies
pip install -r requirements.txt# Analyze a single email file
python3 phisprox.py suspicious_email.eml
# Start web dashboard
python3 phisprox.py --dashboard
# Scan Gmail inbox
python3 phisprox.py --gmail-setup # First time only
python3 phisprox.py --scan-gmail -n 50- Installation Guide - Detailed setup instructions
- Usage Guide - Complete command reference
- API Documentation - Integration guide
- Python 3.8+
- Flask 3.0+
- Gmail API libraries (optional)
- Linux/MacOS/Windows
PhisPox Architecture
│
├── Core Detection Engine
│ ├── Sender Analysis Module
│ ├── Content Analysis Module
│ ├── URL Inspection Module
│ └── Header Verification Module
│
├── Integration Layer
│ ├── Gmail API Scanner
│ ├── IMAP Email Forwarding
│ └── File Parser (.eml, .msg)
│
├── Analytics & Storage
│ ├── SQLite Database
│ ├── Statistics Engine
│ └── Historical Tracking
│
├── User Interface
│ ├── Web Dashboard (Flask)
│ ├── CLI Interface
│ └── REST API
│
└── Notification System
├── Slack Integration
├── Discord Webhooks
└── Browser Notifications
- Corporate Email Security - Deploy across organization
- Security Training - Demonstrate phishing techniques
- Incident Response - Analyze suspicious emails
- Security Research - Study phishing trends
- Personal Protection - Scan your own inbox
- ✅ Read-only Gmail access - Never modifies or deletes emails
- ✅ Local processing - All analysis happens on your machine
- ✅ No data collection - Your emails stay private
- ✅ Open source - Audit the code yourself
Contributions are welcome! Please feel free to submit a Pull Request.
- Fork the repository
- Create your feature branch (
git checkout -b feature/AmazingFeature) - Commit your changes (
git commit -m 'Add some AmazingFeature') - Push to the branch (
git push origin feature/AmazingFeature) - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
Kaif Shaikh
- LinkedIn: https://www.linkedin.com/in/mohammad-kaif-ismail-shaikh-777824312/
- GitHub: Kaifshaikh786
- Email: kaif80188@gmail.com
- Inspired by the need for accessible email security tools
- Built for the cybersecurity community
- Special thanks to all contributors
If PhisPox helps you stay safe from phishing attacks, please give it a star! ⭐
- Machine Learning integration
- Microsoft Outlook support
- Mobile app (Android/iOS)
- Advanced reporting features
- Multi-language support
- PDF export functionality
Stay safe online! 🛡️ EOF