FAQ
What is the purpose of StalkPhish.io?
StalkPhish.io provides enriched data on the potential presence of phishing URLs, usurping the visual identity of a company or administration. The data provided via a REST API can be easily and regularly retrieved and integrated into a detection and takedown workflow. In addition, the StalkPhish.io backend is tailored to retrieve phishing kits when they are still present on the server, and exfiltration configurations (emails, Telegram channels) are extracted and made available via the API, enabling the investigator to perfect his knowledge of the threat and the actor.Why this name?
The name StalkPhish.io is based on the open source software StalkPhish-OSS, created by the founder of StalkPhish: Thomas Damonneville, creator of multiple tools dedicated to the fight against phishing.Why should I use StalkPhish.io instead of StalkPhish-OSS?
Because StalkPhish.io is a highly augmented version (more data, more enrichment, more data sources) of StalkPhish-OSS, you don't need to deploy and maintain a StalkPhish-OSS stack - we do that for you. You can then easily use the StalkPhish.io REST API to retrieve the data you need.Why do I need to sign up on StalkPhish.io?
We ask our beneficiaries to sign up because we need to manage your account in case you lose your password or API key. We also need a valid e-mail address to keep in touch with you about your use, needs or experience of StalkPhish.io, so that we can improve our product according to the needs of the majority of our users.How can I use my API key?
The API key (also known as a token), must be included in an HTTP authorization header. The key must be prefixed by the literal string "Token", with a white space separating the two strings, like this cURL command:
curl -X GET -H "authorization: Token 739aec689724c45066689ce03385e3abf38d2f54" https://api.stalkphish.io/api/v1/search/url/wellsfargo
Complete API documentation is available on this page: https://www.stalkphish.io/documentation/api/