Author Archives: Yevgeny Pats

Proactive Hunting with Certificate Transparency Log and Google BigQuery

In this blog, we will quickly go through what is the Certificate Transparency log and how we used BigQuery to search for bad domains trying to spoof a business’s domain (and how you can do it as well). Certificate Transparency … Read More

Hello Material-UI Goodbye Bootstrap

So far we’ve used Boostrap framework which was here for a good long time but we decided to switch to Google’s Material UI design implementation before rolling our next big product next-week. So enjoy the new cool design of our … Read More

phish.AI Demisto

Phish.AI + Demisto Integration

Phish.AI + Demisto Integration Phishing links are one of the most frequent attacks that organizations face. Phishing links can slip through emails/slack or any other channel. A zero-day phishing link is usually reported by a savvy user, hopefully before someone … Read More

phish.ai and phishtank

Harnessing the power of Phish.AI, PhishTank, Google Big Query and Google Data Studio to analyze Phishing Trends

Overview PhishTank is a free community website where users and security vendors submit and share phishing data. PhishTank is doing a great job of collecting phishing data from the community around the world. However, some shortcomings of PhishTank are the … Read More



This month was really exciting for Phish.AI and after more than 13,000 installs to our PhishProtect Chrome extension last month, I’m thrilled to announce that we are releasing the same API that powers our chrome extension for free. I’m really … Read More

PhishProtect Beta is Out!

I’m thrilled to announce that we released PhishProtectTM Beta as a free Chrome extension and It’s available on . You can find the source-code for the extension and some more discussion on our Github. We are planning to release the extension … Read More

open source

Phish.AI ♡ Open Source

Yesterday we released idn-protect-chrome as part of a bigger move. We are planning to open-source our main product PhishProtectTM to all major browsers. Wait What? Why? We are doing this for a couple of reasons The security community is not … Read More

open source

Open-Source Tool to Block Homograph Phishing Attacks

Today we open-source idn_generator – a tool that helps block recent homograph phishing attacks at the email stage. The tool generates a list of similar domain names (IDN domains) for a given domain (usually the domain of an organization). You can … Read More

IDN Homograph Attack Is Back For Some Crypto

Homograph attacks are a decade-old problem. Last time it made headlines was just last week with the attack on Binanace Exchange and before that when security enthusiast, Xudong Zheng published a vulnerability in the way modern browsers handle domain names. … Read More

Phishing Beetle

With a Little Help From The Banks

In this post, I’ll analyse a phishing attack we recently encountered in the wild targeting NAB (National Australia Bank) implementing two phishing techniques: “The Phishing Collage” (you can read about it in a previous post) and a new technique we … Read More