Phishing URL | Marketplace

Details
Content
Dependencies
Version History

Phishing URL is a project with the goal of detecting phishing URLs using machine learning

Phishing URLs are one of the most frequent, easily executable, and harmful security attacks that organizations – regardless of size – face today. High-volume, persistent phishing alerts are a time sink to manage, with incident response requiring coordination between multiple security products and communications with end users.
This pack aims to detect URL phishing attacks automatically using machine learning techniques. The model ingests a large volume of infomation such as a screenshot of the webpage, HTML of the webpage, and WHOIS data, and returns an explainable verdict.

What does this pack do?

Loads a pretrained model that aims to detect URL phishing attacks.
Enriches the logo detection engine by adding new logos.

Name	Description
DBotPredictURLPhishing	Predict phishing URLs using a pre-trained model.

Required Content Packs (4)

Pack Name	Pack By
Base	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR
Whois	By: Cortex XSOAR
Rasterize	By: Cortex XSOAR

Optional Content Packs (2)

Pack Name	Pack By
DomainTools Enterprise	By: DomainTools
JsonWhoIs	By: Cortex XSOAR

All level dependencies (5)

Pack Name	Pack By
Base	By: Cortex XSOAR
Cortex REST API	By: Cortex XSOAR
Common Scripts	By: Cortex XSOAR
Rasterize	By: Cortex XSOAR
Whois	By: Cortex XSOAR

1.1.12 - 962639 (April 17, 2024)

Scripts

DBotPredictURLPhishing

Improved implementation for increased performance and code quality.
Updated the Docker image to: demisto/mlurlphishing:1.0.0.88055.

Related pull requests:
- 31903

Download

1.1.11 - 865088 (March 3, 2024)

Scripts

DBotPredictURLPhishing

Updated the Docker image to: demisto/mlurlphishing:1.0.0.88055.

Related pull requests:
- 33167

Download

1.1.10 - 829761 (February 15, 2024)

Scripts

DBotPredictURLPhishing

Updated the Docker image to: demisto/mlurlphishing:1.0.0.29930.

Related pull requests:
- 32944

Download

1.1.9 - 827009 (February 14, 2024)

Scripts

DBotPredictURLPhishing

Updated the Docker image to: demisto/mlurlphishing:1.0.0.85127.

Related pull requests:
- 32916

Download

1.1.8 - R775948 (January 21, 2024)

Scripts

DBotPredictURLPhishing

Updated the Docker image to: demisto/mlurlphishing:1.0.0.29930.

Related pull requests:
- 32267

Download

1.1.7 - 762016 (January 14, 2024)

Scripts

DBotPredictURLPhishing

Updated the Docker image to: demisto/mlurlphishing:1.0.0.85026.

Related pull requests:
- 32197

Download

1.1.6 - 6899385 (November 15, 2023)

Scripts

DBotPredictURLPhishing

Updated the Docker image to: demisto/mlurlphishing:1.0.0.29930.

Related pull requests:
- 30903

Download

1.1.5 - 6721193 (October 27, 2023)

Scripts

DBotPredictURLPhishing

Updated the Docker image to: demisto/mlurlphishing:1.0.0.78788.

Related pull requests:
- 30454

Download

1.1.4 - R6704012 (October 25, 2023)

Scripts

DBotPredictURLPhishing

Added the rasterize_timeout argument.

Related pull requests:
- 29165

Download

1.1.3 - 5698017 (July 6, 2023)

Scripts

DBotPredictURLPhishing

Updated the error message in case Rasterize's response is incomplete (e.g., no image data).

Related pull requests:
- 27919

Download

1.1.2 - R5692327 (July 5, 2023)

Scripts

DBotPredictURLPhishing

Fixed an issue where the script would fail in cases where no result was returned from WhoIs integration.

Related pull requests:
- 27563

Download

1.1.1 - 5460239 (June 6, 2023)

PhishingURL

Removed the pack from XSIAM, which does not yet support getMLModel.

Related pull requests:
- 26967

Download

1.1.0 - 5316435 (May 21, 2023)

Scripts

DBotPredictURLPhishing

Added an optional 'reliability' argument to indicate the reliability of the source providing the intelligence data.

Related pull requests:
- 26279

Download

1.0.7 - R5170573 (May 2, 2023)

Scripts

DBotPredictURLPhishing

Fixed an issue where the script failed when providing an emailBody argument containing a URL to a webpage that cannot be found (404).

Related pull requests:
- 25104

Download

PUBLISHER

Cortex

PLATFORMS

Cortex XSOAR

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	January 6, 2022
Last Release	April 17, 2024

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.