AI-Powered Phishing Website Detection System
Real-time phishing threat detection using Machine Learning, Deep Content Analysis, and Reputation Intelligence.
- ML Detection Engine — Random Forest classifier trained on 10,000+ URLs
- Deep Content Analysis — HTML scraping for hidden iframes, obfuscated JS, favicon spoofing
- Reputation Intelligence — WHOIS domain age checks & VirusTotal API integration
- Animated Risk Gauge — SVG-based circular gauge with real-time score animation
- SOC Dashboard — Chart.js powered analytics (Timeline, Distribution, Top Domains)
- Threat Feed — Live table of all detected malicious URLs
- PDF Reports — Downloadable threat analysis reports per scan
- Chrome Extension — One-click phishing check from the browser toolbar
- Dark / Light Mode — Switchable UI theme with localStorage persistence
- Settings Panel — Tabbed interface for API keys, detection sensitivity, notifications
PhishShieldAI/
├── backend/
│ ├── app.py # Flask application (routes, API, scoring engine)
│ ├── requirements.txt # Python dependencies
│ ├── database/
│ │ └── models.py # SQLAlchemy models (ScanHistory, Analytics, Settings)
│ ├── model/
│ │ ├── train_model.py # ML training pipeline
│ │ └── phishing_model.pkl # Trained model (auto-generated)
│ └── utils/
│ ├── feature_extractor.py # URL structural feature extraction
│ ├── reputation_checker.py # WHOIS + VirusTotal checks
│ └── content_analyzer.py # HTML deep inspection
├── frontend/
│ ├── templates/ # Jinja2 HTML templates
│ │ ├── base.html # Layout with navbar & footer
│ │ ├── index.html # Home page (scanner + hero)
│ │ ├── dashboard.html # SOC analytics dashboard
│ │ ├── threat_feed.html # Live threat feed table
│ │ ├── report.html # Reports archive
│ │ └── settings.html # Tabbed settings UI
│ └── static/
│ ├── css/style.css # Glassmorphism dark/light theme
│ └── js/main.js # Client-side logic & Chart.js
├── dataset/
│ ├── generate_data.py # Synthetic dataset generator
│ └── phishing_urls.csv # Training data
├── extension/
│ ├── manifest.json # Chrome Extension manifest v3
│ ├── popup.html # Extension popup UI
│ └── popup.js # Extension scan logic
├── Dockerfile
├── docker-compose.yml
├── .gitignore
└── README.md
# 1. Clone & enter project
git clone https://github.com/yourusername/PhishShieldAI.git
cd PhishShieldAI
# 2. Create virtual environment
python -m venv venv
venv\Scripts\activate # Windows
# source venv/bin/activate # Linux/Mac
# 3. Install dependencies
pip install -r backend/requirements.txt
# 4. Train the ML model (first time only)
python backend/model/train_model.py
# 5. Run the server
cd backend
python app.pyOpen http://127.0.0.1:5000 in your browser.
- Open
chrome://extensions - Enable Developer mode
- Click Load unpacked → select the
extension/folder - Click the shield icon on any page to scan it
| Variable | Description | Default |
|---|---|---|
SECRET_KEY |
Flask session secret | dev-secret-key |
VIRUSTOTAL_API_KEY |
VirusTotal v3 key (also via Settings UI) | Mock mode |
URL Input → Feature Extraction → ML Prediction (60%)
→ Reputation Check (30%)
→ Content Analysis (10%)
→ Final Risk Score (0-100)
| Layer | Technology |
|---|---|
| Backend | Flask, SQLAlchemy, SQLite |
| ML | Scikit-learn (Random Forest) |
| Frontend | Bootstrap 5, Chart.js, Vanilla JS |
| Scraping | BeautifulSoup4, Requests |
| Extension | Chrome Manifest V3 |