Phishing Website Detector

Project Name : Phishing Website Detector (PWD)

~ Jan - 05 - 2025

Introduction

The Phishing Website Detector (PWD) is a security-focused web application developed using Python and the Flask web framework. The system is designed to help users identify potentially malicious or phishing websites before interacting with them. It uses machine learning algorithms to analyze a given URL and determine whether it is a legitimate website or a phishing attempt.

Source Code

Objective

The goal of this project is to:

Protect users from fraudulent websites.
Educate users about the dangers of phishing.
Leverage machine learning for real-time threat detection.
Provide a clean and interactive user interface for ease of use.

Features

URL Input Form: Users can input a website link in a search bar.
Phishing Detection Engine: Uses a trained machine learning model to classify URLs.
About Page: Contains valuable information on phishing, how it works, and how to stay safe.
Interactive UI: Built with a user-friendly and modern design to ensure a smooth user experience.
Security Practices: Input validation, HTTPS support (when deployed), and model isolation ensure safe usage.

Security Considerations

Given the nature of the application, security is a primary concern:

Input Sanitization: All user inputs are validated and sanitized to prevent injection attacks.
WHOIS Lookups: Used to verify domain authenticity.
Google Indexing Check: Confirms if the site appears in Google's index, indicating legitimacy.
No URL Execution: The app never opens or executes the input URL, ensuring no accidental exposure to dangerous content.
Deployment Ready: Can be hosted securely using Gunicorn and HTTPS for encrypted traffic.

How to Run the Project

Prerequisites

Python 3.12.4 or higher
pip (Python package installer)

Steps to Set Up and Run

Clone the Repository

>> git clone https://github.com/mostofaahmed101/Phishing_Website_Detector-PWD.git

>> cd Phishing_Website_Detector-PWD

2. Install Dependencies

>> pip install -r requirements.txt

3. Run the App

>> python app.py

4. Open in Browser

Visit : http://127.0.0.1:5000/

More about Project

1 . How It Works?

User inputs a URL into the search bar.
The backend extracts features from the URL (like domain age, presence of IP, Google search index, etc.).
These features are passed into a pre-trained ML model (e.g., Random Forest, Decision Tree, etc.).
The model returns a prediction: Phishing or Legitimate.
The result is shown on the interface with an appropriate warning or success message.

2. Why do you need to use this?

Everyday Internet Users: Helps non-tech users avoid scams.
Corporate Employees: Adds an extra layer of browsing safety for businesses.
Security Researchers: Provides feature extraction and classification insights.
Educators: Great tool for cybersecurity awareness training.

3. Technologies Used

Backend: Flask (Python)
Machine Learning: scikit-learn
Data Handling: Pandas, NumPy
URL Parsing & Info: BeautifulSoup4, WHOIS, urllib3, requests, googlesearch_python

4. External Python Packages

beautifulsoup4==4.12.3

Flask==3.0.3

googlesearch_python==1.2.3

numpy==1.26.4

pandas==2.2.2

python_dateutil==2.8.2

Requests==2.31.0

scikit_learn==1.3.1

urllib3==2.2.1

whois==0.9.27

gunicorn==20.1.0

Building this project was an insightful and rewarding experience. It not only deepened my understanding of real-world cybersecurity applications but also allowed me to explore web development with Flask. Integrating machine learning for live phishing detection brought both technical and ethical satisfaction, knowing it could help protect users from digital threats. The project challenged me to blend backend logic with frontend design, resulting in a secure, interactive, and educational tool.

Conclusion

The Phishing Website Detector (PWD) is a powerful tool that blends machine learning, web development, and cybersecurity awareness. It empowers users to stay safe in the digital world with minimal effort. The project stands as a strong foundation for anyone interested in developing AI-powered security solutions.

Page updated

Google Sites

Report abuse