Artifact - Doubly Dangerous: Evading Phishing Reporting Systems by Leveraging Email Tracking Techniques

This repository contains the artifact for our paper "Doubly Dangerous: Evading Phishing Reporting Systems by Leveraging Email Tracking Techniques". In keeping with open science guidelines, we are making all artifacts available for researchers.

Note that this is a public repository that omits artifacts that can potentially be misused like IP Addresses, Autonomous System names of crawlers used by email providers, etc. Specifically, the dataset from the experiment and the code for the cloaking-based websites are omitted. Such artifacts are restricted for access to only security researchers to prevent potential abuse.

If you are looking for the restricted repository instead, please refer to: https://doi.org/10.5281/zenodo.15612193

The artifact can be unzipped to get the folder structure as a follows, encompassing four key components:

1. email-sending: A laravel web application for crafting and sending emails embedded with HTML/CSS tracking vectors. For more detail, see email-sending/README.md.

2. email-reporting-gui: A collection of Python scripts that automates logging into webmail clients, opening emails, clicking links, and reporting them as phishing to simulate user behavior. Additionally, monitors a reported URL by taking screenshots of the webpage in Chrome and Edge browsers. For more detail, email-reporting-gui/README.md.