PhishEye parses .eml emails, extracts links/domains, applies phishing heuristics, assigns a risk score, and exports a JSON report you can visualize in a local dashboard.
Start with rule/regex based detection. Add NLP/ML later for even more power.
- Parse
.emlfiles (single or folder) - Extract links/domains from body (HTML + text)
- Heuristics: suspicious TLDs, IP‑based URLs, punycode, brand impersonation, bait keywords
- Risk score → Low / Medium / High
- Export to
output/phisheye_report.json - Local dashboard in
web/index.html(drop JSON to visualize)
python main.py -i samples/email1.eml
# or analyze a folder
python main.py -i samples/Then open web/index.html and upload output/phisheye_report.json.
Sample email provided in samples/email1.eml (impersonation + suspicious TLD + IP link).
- Add domain age check via APIs
- NLP classification (scikit‑learn / spaCy / transformers)
- HTML display-name vs href mismatch checks
- Export PDF summaries
PhishEye/
main.py
modules/
parser.py
detector.py
report.py
samples/
email1.eml
web/
index.html
output/
README.md
requirements.txt
Educational use only. Do not use with private data you’re not authorized to process.