·
29 commits
to main
since this release
π Enhancements By Team PhishVault β 13 July 2025
π§ Threat Scoring System (threatScorer.js)
π Added deep inspection logic for:
- Credential input fields (
username,email,user) - Hidden auth tokens (e.g.,
CSRF,auth_token) - Brand impersonation detection (
Netflix,Google, etc.) - Suspicious external JavaScript sources (e.g.,
.xyz,pastebin, IP URLs) - Anti-analysis behaviors (e.g.,
debugger, infinite loops) - Delayed execution detection (
setTimeoutwith large delays) - Fingerprinting / anti-bot detection indicators:
navigator.userAgent,screen.width,timezoneOffset, etc.
π Score logic upgraded to reflect multi-factor threat analysis
π details field added (aggregated string of notes) for frontend rendering
π¦ Scan Controller (scanController.js)
β Expanded debug logs for easier backend observability:
- Final URL
- Redirect count
- HTML snippet
- JS logs
- Password field match
- Cookie count
π Automatically includes details field during scan creation
π Error handling improved with cleaner feedback for scan failures
ποΈ MongoDB Schema (Scan.js)
β New Field:
details: { type: String }- Stores semicolon-separated summary of
notesfor each scan - Enhances readability on frontend dashboards and reports
π Phishing Site Template
π¨ UI Enhancements:
- Realistic dark blue theme
- Modern CSS animation and glassmorphism design
π΅οΈββοΈ Form Behaviors:
- Includes
<input type="password">,username,emailfields - Hidden
auth_tokenandcsrffields - JavaScript includes obfuscation and delay behavior
β Successfully triggers PhishVault detection engine
π₯οΈ Frontend Improvements (React.js)
π§Ύ Scan Reports Now Display:
verdict,score,timestamp, and newdetailsfield
β details dynamically rendered from backend response
π Verified end-to-end with working backend and MongoDB integration
π‘οΈ PhishVault: Evolving smarter every day.
Full Changelog: v1.0Release...v1.0.1enhancements