curben
/
phishing-filter
mirror of https://gitlab.com/malware-filter/phishing-filter
1
0
Fork 0
Code Issues Releases Wiki Activity

feat: add IE-compatible blocklist 

- https://gitlab.com/curben/urlhaus-filter/-/issues/30
This commit is contained in:
MDLeom 2020-12-07 05:11:47 +00:00
parent 574e180986
commit 2b267b9991
No known key found for this signature in database
GPG Key ID: 32D3E28E96A695E8
3 changed files with 7780 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
README.md
View File

@ -13,6 +13,7 @@ There are multiple formats available, refer to the appropriate section according
- [Dnsmasq](#dnsmasq)
- [BIND](#bind)
- [Unbound](#unbound)
- Internet Explorer -> [Tracking Protection List (IE)](#tracking-protection-list-ie)
Not sure which format to choose? See [Compatibility](https://gitlab.com/curben/urlhaus-filter/wikis/compatibility) page.
@ -248,6 +249,24 @@ printf '\n include: "/usr/local/etc/unbound/phishing-filter-unbound.conf"\n' >>
</details>
## Tracking Protection List (IE)
This blocklist includes domains only.
- https://curben.gitlab.io/phishing-filter-mirror/phishing-filter.tpl
<details>
<summary>Mirrors</summary>
- https://cdn.statically.io/gl/curben/phishing-filter/master/dist/phishing-filter.tpl
- https://glcdn.githack.com/curben/phishing-filter/raw/master/dist/phishing-filter.tpl
- https://raw.githubusercontent.com/curbengh/phishing-filter/master/dist/phishing-filter.tpl
- https://cdn.statically.io/gh/curbengh/phishing-filter/master/dist/phishing-filter.tpl
- https://gitcdn.xyz/repo/curbengh/phishing-filter/master/dist/phishing-filter.tpl
- https://cdn.jsdelivr.net/gh/curbengh/phishing-filter/dist/phishing-filter.tpl
</details>
## Issues
This blocklist operates by blocking the **whole** website, instead of specific webpages; exceptions are made on popular websites (e.g. `https://docs.google.com/`), in which webpages are specified instead (e.g. `https://docs.google.com/phishing-page`). Phishing webpages are only listed in [URL-based](#url-based) filter, popular websites are excluded from other filters.

7751
dist/phishing-filter.tpl vendored Normal file
View File

File diff suppressed because it is too large Load Diff

10
src/script.sh
View File

@ -200,6 +200,16 @@ sed '1 i\'"$COMMENT"'' | \
sed "1s/Blocklist/Unbound Blocklist/" > "../dist/phishing-filter-unbound.conf"
## IE blocklist
COMMENT_IE="msFilterList\n$COMMENT\n: Expires=1\n#"
cat "../dist/phishing-filter-hosts.txt" | \
grep -vE "^#" | \
sed "s/^0\.0\.0\.0/-d/g" | \
sed '1 i\'"$COMMENT_IE"'' | \
sed "2s/Domains Blocklist/Hosts Blocklist (IE)/" > "../dist/phishing-filter.tpl"
## Clean up artifacts
rm "phishtank.csv" "top-1m-umbrella.zip" "top-1m-umbrella.txt" "top-1m-tranco.txt" "openphish-raw.txt"