Home Explore Help
Sign In
mirror
/
SukkaSurge
mirror of https://github.com/SukkaW/Surge.git
2
0
Fork 0
Files Issues 0 Wiki
Tree: dcbb9fe0fa
Branches Tags
SukkaSurge
/
Build
/
build-phishing-domainset.js

build-phishing-domainset.js 2.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293 
  1. const tldts = require('tldts');
    2. 

  2. const { processFilterRules } = require('./lib/parse-filter.js');
    3. 

  3. const fs = require('fs');
    4. 

  4. const path = require('path');
    5. 

  5. 

  6. const WHITELIST_DOMAIN = new Set([
    7. 

  7.   'w3s.link',
    8. 

  8.   'dweb.link',
    9. 

  9.   'nftstorage.link'
    10. 

  10. ]);
    11. 

  11. const BLACK_TLD = Array.from(new Set([
    12. 

  12.   '.xyz',
    13. 

  13.   '.top',
    14. 

  14.   '.win',
    15. 

  15.   '.vip',
    16. 

  16.   '.site',
    17. 

  17.   '.space',
    18. 

  18.   '.online',
    19. 

  19.   '.icu',
    20. 

  20.   '.fun',
    21. 

  21.   '.shop',
    22. 

  22.   '.cool',
    23. 

  23.   '.cyou',
    24. 

  24.   '.id',
    25. 

  25.   '.pro',
    26. 

  26.   '.za.com',
    27. 

  27.   '.sa.com',
    28. 

  28.   '.ltd',
    29. 

  29.   '.group',
    30. 

  30.   '.rest',
    31. 

  31.   '.tech',
    32. 

  32.   '.link',
    33. 

  33.   '.ink',
    34. 

  34.   '.bar',
    35. 

  35.   '.tokyo'
    36. 

  36. ]));
    37. 

  37. 

  38. (async () => {
    39. 

  39.   const domainSet = Array.from(
    40. 

  40.     (
    41. 

  41.       await processFilterRules('https://curbengh.github.io/phishing-filter/phishing-filter-agh.txt')
    42. 

  42.     ).black
    43. 

  43.   );
    44. 

  44.   const domainCountMap = {};
    45. 

  45. 

  46.   for (let i = 0, len = domainSet.length; i < len; i++) {
    47. 

  47.     const line = domainSet[i];
    48. 

  48.     // starts with #
    49. 

  49.     if (line.charCodeAt(0) === 35) {
    50. 

  50.       continue;
    51. 

  51.     }
    52. 

  52.     if (line.trim().length === 0) {
    53. 

  53.       continue;
    54. 

  54.     }
    55. 

  55. 

  56.     const domain = line.charCodeAt(0) === 46 ? line.slice(1) : line;
    57. 

  57. 

  58.     if (domain.length > 19) {
    59. 

  59.       const apexDomain = tldts.getDomain(domain, { allowPrivateDomains: true });
    60. 

  60. 

  61.       if (apexDomain) {
    62. 

  62.         if (WHITELIST_DOMAIN.has(apexDomain)) {
    63. 

  63.           continue;
    64. 

  64.         }
    65. 

  65. 

  66.         domainCountMap[apexDomain] ||= 0;
    67. 

  67.         domainCountMap[apexDomain] += 1;
    68. 

  68. 

  69.         // Add more weight if the domain is long enough
    70. 

  70.         if (domain.length > 45) {
    71. 

  71.           domainCountMap[apexDomain] += 1.5;
    72. 

  72.         } else if (domain.length > 35) {
    73. 

  73.           domainCountMap[apexDomain] += 1;
    74. 

  74.         } else if (domain.length > 30) {
    75. 

  75.           domainCountMap[apexDomain] += 0.5;
    76. 

  76.         }
    77. 

  77.       }
    78. 

  78.     }
    79. 

  79.   }
    80. 

  80. 

  81.   const results = [];
    82. 

  82.   Object.entries(domainCountMap).forEach(([domain, count]) => {
    83. 

  83.     if (
    84. 

  84.       count >= 5
    85. 

  85.       && BLACK_TLD.some(tld => domain.endsWith(tld))
    86. 

  86.     ) {
    87. 

  87.       results.push('.' + domain);
    88. 

  88.     }
    89. 

  89.   });
    90. 

  90. 

  91.   const filePath = path.resolve(__dirname, '../List/domainset/reject_phishing.conf');
    92. 

  92.   await fs.promises.writeFile(filePath, results.join('\n') + '\n', 'utf-8');
    93. 

  93. })();
    94.