Home Explore Help
Sign In
mirror
/
SukkaSurge
mirror of https://github.com/SukkaW/Surge.git
2
0
Fork 0
Files Issues 0 Wiki
Tree: b69f4a75c1
Branches Tags
SukkaSurge
/
Build
/
build-phishing-domainset.js

build-phishing-domainset.js 1.8 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 
  1. const tldts = require('tldts');
    2. 

  2. const { processFilterRules } = require('./lib/parse-filter.js');
    3. 

  3. const fs = require('fs');
    4. 

  4. const path = require('path');
    5. 

  5. 

  6. const WHITELIST_DOMAIN = new Set([
    7. 

  7.   'w3s.link',
    8. 

  8.   'dweb.link'
    9. 

  9. ]);
    10. 

  10. const BLACK_TLD = Array.from(new Set([
    11. 

  11.   '.xyz',
    12. 

  12.   '.top',
    13. 

  13.   '.win',
    14. 

  14.   '.vip',
    15. 

  15.   '.site',
    16. 

  16.   '.space',
    17. 

  17.   '.online',
    18. 

  18.   '.icu',
    19. 

  19.   '.fun',
    20. 

  20.   '.shop',
    21. 

  21.   '.cool',
    22. 

  22.   '.cyou',
    23. 

  23.   '.id',
    24. 

  24.   '.pro',
    25. 

  25.   '.za.com',
    26. 

  26.   '.sa.com',
    27. 

  27.   '.ltd',
    28. 

  28.   '.group',
    29. 

  29.   '.rest',
    30. 

  30.   '.tech',
    31. 

  31.   '.link',
    32. 

  32.   '.ink',
    33. 

  33.   '.bar',
    34. 

  34.   '.tokyo'
    35. 

  35. ]));
    36. 

  36. 

  37. (async () => {
    38. 

  38.   const domainSet = Array.from(
    39. 

  39.     (
    40. 

  40.       await processFilterRules('https://curbengh.github.io/phishing-filter/phishing-filter-agh.txt')
    41. 

  41.     ).black
    42. 

  42.   );
    43. 

  43.   const domainCountMap = {};
    44. 

  44. 

  45.   for (let i = 0, len = domainSet.length; i < len; i++) {
    46. 

  46.     const line = domainSet[i];
    47. 

  47.     // starts with #
    48. 

  48.     if (line.charCodeAt(0) === 35) {
    49. 

  49.       continue;
    50. 

  50.     }
    51. 

  51.     if (line.trim().length === 0) {
    52. 

  52.       continue;
    53. 

  53.     }
    54. 

  54. 

  55.     const domain = line.charCodeAt(0) === 46 ? line.slice(1) : line;
    56. 

  56. 

  57.     if (line.length > 25) {
    58. 

  58.       const parsed = tldts.parse(domain, { allowPrivateDomains: true });
    59. 

  59. 

  60.       if (parsed.isIp || domain === parsed.publicSuffix) {
    61. 

  61.         continue;
    62. 

  62.       }
    63. 

  63.       const apexDomain = parsed.domain;
    64. 

  64.       if (apexDomain) {
    65. 

  65.         if (WHITELIST_DOMAIN.has(apexDomain)) {
    66. 

  66.           continue;
    67. 

  67.         }
    68. 

  68. 

  69.         domainCountMap[apexDomain] ||= 0;
    70. 

  70.         domainCountMap[apexDomain] += 1;
    71. 

  71.       }
    72. 

  72.     }
    73. 

  73.   }
    74. 

  74. 

  75.   const results = [];
    76. 

  76.   Object.entries(domainCountMap).forEach(([domain, count]) => {
    77. 

  77.     if (
    78. 

  78.       count >= 8
    79. 

  79.       && BLACK_TLD.some(tld => domain.endsWith(tld))
    80. 

  80.     ) {
    81. 

  81.       results.push('.' + domain);
    82. 

  82.     }
    83. 

  83.   });
    84. 

  84. 

  85.   const filePath = path.resolve(__dirname, '../List/domainset/reject_phishing.conf');
    86. 

  86.   await fs.promises.writeFile(filePath, results.join('\n'), 'utf-8');
    87. 

  87. })();
    88.