Upload 4 files

.gitattributes

@@ -1,35 +1,2 @@
-*.7z filter=lfs diff=lfs merge=lfs -text
-*.arrow filter=lfs diff=lfs merge=lfs -text
-*.bin filter=lfs diff=lfs merge=lfs -text
-*.bz2 filter=lfs diff=lfs merge=lfs -text
-*.ckpt filter=lfs diff=lfs merge=lfs -text
-*.ftz filter=lfs diff=lfs merge=lfs -text
-*.gz filter=lfs diff=lfs merge=lfs -text
-*.h5 filter=lfs diff=lfs merge=lfs -text
-*.joblib filter=lfs diff=lfs merge=lfs -text
-*.lfs.* filter=lfs diff=lfs merge=lfs -text
-*.mlmodel filter=lfs diff=lfs merge=lfs -text
-*.model filter=lfs diff=lfs merge=lfs -text
-*.msgpack filter=lfs diff=lfs merge=lfs -text
-*.npy filter=lfs diff=lfs merge=lfs -text
-*.npz filter=lfs diff=lfs merge=lfs -text
-*.onnx filter=lfs diff=lfs merge=lfs -text
-*.ot filter=lfs diff=lfs merge=lfs -text
-*.parquet filter=lfs diff=lfs merge=lfs -text
-*.pb filter=lfs diff=lfs merge=lfs -text
-*.pickle filter=lfs diff=lfs merge=lfs -text
-*.pkl filter=lfs diff=lfs merge=lfs -text
-*.pt filter=lfs diff=lfs merge=lfs -text
-*.pth filter=lfs diff=lfs merge=lfs -text
-*.rar filter=lfs diff=lfs merge=lfs -text
-*.safetensors filter=lfs diff=lfs merge=lfs -text
-saved_model/**/* filter=lfs diff=lfs merge=lfs -text
-*.tar.* filter=lfs diff=lfs merge=lfs -text
-*.tar filter=lfs diff=lfs merge=lfs -text
-*.tflite filter=lfs diff=lfs merge=lfs -text
-*.tgz filter=lfs diff=lfs merge=lfs -text
-*.wasm filter=lfs diff=lfs merge=lfs -text
-*.xz filter=lfs diff=lfs merge=lfs -text
-*.zip filter=lfs diff=lfs merge=lfs -text
-*.zst filter=lfs diff=lfs merge=lfs -text
-*tfevents* filter=lfs diff=lfs merge=lfs -text
+# Auto detect text files and perform LF normalization
+* text=auto

phishing_app.py

@@ -0,0 +1,154 @@
+import gradio as gr
+import re
+from urllib.parse import urlparse
+import csv
+from transformers import AutoTokenizer, AutoModelForSequenceClassification, pipeline
+import torch
+#URL model
+url_tokenizer = AutoTokenizer.from_pretrained("najla45/phishing_detection_fine_tuned_bert")
+url_model = AutoModelForSequenceClassification.from_pretrained("najla45/phishing_detection_fine_tuned_bert")
+url_classifier = pipeline("text-classification", model=url_model, tokenizer=url_tokenizer)
+
+#email model
+email_tokenizer = AutoTokenizer.from_pretrained("cybersectony/phishing-email-detection-distilbert_v2.4.1")
+email_model = AutoModelForSequenceClassification.from_pretrained("cybersectony/phishing-email-detection-distilbert_v2.4.1")
+
+#logic for checking the state of url
+def is_phishing_url(url):
+    suspicious_keywords = ['secure', 'account', 'update', 'free', 'login', 'verify', 'banking']
+    domain = urlparse(url).netloc
+    path = urlparse(url).path
+
+    score = 0
+    if re.match(r'https?://\d{1,3}(\.\d{1,3}){3}', url):
+        score += 2
+    if '-' in domain:
+        score += 1
+    if not url.startswith("https://"):
+        score += 3
+    if any(keyword in url.lower() for keyword in suspicious_keywords):
+        score += 2
+    if len(url) > 75:
+        score += 1
+    if '@' in url:
+        score += 2
+
+    return score
+
+#logic checking for phishing email
+def predict_email(email_text):
+    inputs = email_tokenizer(email_text, return_tensors="pt", truncation=True, max_length=512)
+    with torch.no_grad():
+        outputs = email_model(**inputs)
+        probs = torch.nn.functional.softmax(outputs.logits, dim=-1)[0].tolist()
+
+    labels = {
+        "legitimate_email": probs[0],
+        "phishing_url": probs[1],
+        "legitimate_url": probs[2],
+        "phishing_url_alt": probs[3]
+    }
+
+    max_label, max_score = max(labels.items(), key=lambda x: x[1])
+    return max_label, max_score, labels
+
+
+#LOGGING ALL DATA TO CSV FILE
+import os
+LOG_FILE = os.path.join(os.path.dirname(__file__), "phishing_log.csv")
+def log_to_csv(url, rule_score, bert_label, bert_score, final_decision):
+    try:
+        file_exists = os.path.isfile(LOG_FILE)
+        with open(LOG_FILE, "a", newline='') as f:
+            writer = csv.writer(f)
+            if not file_exists:
+                writer.writerow(["Input", "Rule Score", "BERT Label", "Confidence", "Final Decision"])
+            writer.writerow([url, rule_score, bert_label, f"{bert_score:.2f}", final_decision])
+    except Exception as e:
+        print(f"Error writing to CSV: {e}")
+
+
+#Combining URL and email checking logic
+def combined_phishing_detector(url, input_type, log=True):
+    if input_type == "URL":
+        rule_score = is_phishing_url(url)
+        rule_result = "Phishing" if rule_score >= 3 else "Safe"
+
+        bert_result = url_classifier(url)[0]
+        label_map = {"LABEL_0": "safe", "LABEL_1": "phishing"}
+        bert_label = label_map.get(bert_result["label"].upper(), "unknown")
+        bert_score = bert_result["score"]
+
+        final_decision = "Phishing" if rule_result == "Phishing" and bert_label == "phishing" and bert_score > 0.75 else "Safe"
+
+    elif input_type == "Email/Message":
+        bert_label, bert_score, bert_probs = predict_email(url)
+        rule_score = "N/A"
+        rule_result = "Not Applicable"
+        final_decision = "Phishing" if bert_label.startswith("phishing") and bert_score > 0.7 else "Safe"
+
+    # ✅ This part was missing in your message
+    if log:
+        log_to_csv(url, rule_score, bert_label, bert_score, final_decision)
+
+    return url, rule_score, bert_label, bert_score, final_decision
+
+
+
+def run_detector(text, input_type):
+    url,rule_score, bert_label, bert_score,final_decision = combined_phishing_detector(text, input_type,log=True)
+    
+    # Add emoji based on result
+    if final_decision.lower() == "phishing":
+        emoji =  "🚨"   # warning
+    elif final_decision.lower() == "safe":
+        emoji = "✅"  # check mark
+    else:
+        emoji = "❓"
+
+    message = (
+        f"{emoji} Result: {final_decision}\n"
+        f"📊 Rule Score: {rule_score}\n"
+        f"🤖 BERT Label: {bert_label}\n"
+        f"🔍 Confidence: {bert_score:.2f}"
+    )
+    return message,LOG_FILE
+
+#---GUI-----
+gr.HTML("""
+<link href="https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap" rel="stylesheet">
+<h1 style='text-align:center; color:white; font-family: "Poppins", sans-serif;'>🔐 Phishing URL & Email Detector (BERT + Rules) 🔐</h1>
+""")
+
+with gr.Blocks(css="""
+.gradio-container {
+    background-image: url('https://c8.alamy.com/comp/M79X4X/cyber-security-buzzwords-phishing-alert-with-blue-numbers-in-background-M79X4X.jpg');
+    background-size: cover;
+    background-position: center;
+    background-repeat: no-repeat;
+    font-family: 'Poppins', sans-serif;
+    color: white;
+}
+input, textarea, button, label, .gr-box, .gr-button, .gr-textbox, .gr-radio, .gr-file {
+    font-family: 'Poppins', sans-serif !important;
+    color: white;
+}
+""") as demo:
+
+    gr.HTML("<h1 style='text-align:center; color:white;'>🔐 Phishing URL & Email Detector (BERT + Rules) 🔐</h1>")
+
+    with gr.Row():
+        input_text = gr.Textbox(label="Enter URL or Email", lines=5)
+        input_type = gr.Radio(["URL", "Email/Message"], label="Input Type")
+
+    result_output = gr.Textbox(label="Detection Result", lines=4, interactive=False)
+    log_file_output = gr.File(label="Download Log File")
+
+    detect_button = gr.Button("Detect")
+
+    detect_button.click(fn=run_detector, inputs=[input_text, input_type], outputs=[result_output, log_file_output])
+
+    
+demo.launch(share=True)
+
+

phishing_gui.py

@@ -0,0 +1,75 @@
+import streamlit as st
+import re
+from urllib.parse import urlparse
+import csv
+from transformers import AutoTokenizer, AutoModelForSequenceClassification, pipeline
+
+# Load model once at startup
+model_name = "najla45/phishing_detection_fine_tuned_bert"
+tokenizer = AutoTokenizer.from_pretrained(model_name)
+model = AutoModelForSequenceClassification.from_pretrained(model_name)
+bert_classifier = pipeline("text-classification", model=model, tokenizer=tokenizer)
+
+def is_phishing_url(url):
+    suspicious_keywords = ['secure', 'account', 'update', 'free', 'login', 'verify', 'banking']
+    domain = urlparse(url).netloc
+    path = urlparse(url).path
+
+    score = 0
+    if re.match(r'https?://\d{1,3}(\.\d{1,3}){3}', url):
+        score += 2
+    if '-' in domain:
+        score += 1
+    if not url.startswith("https://"):
+        score += 3
+    if any(keyword in url.lower() for keyword in suspicious_keywords):
+        score += 2
+    if len(url) > 75:
+        score += 1
+    if '@' in url:
+        score += 2
+
+    return score
+
+def log_to_csv(input_text, rule_score, bert_label, bert_score, final_decision):
+    with open("phishing_log.csv", "a", newline='') as f:
+        writer = csv.writer(f)
+        writer.writerow([input_text, rule_score, bert_label, f"{bert_score:.2f}", final_decision])
+
+def combined_phishing_detector(url):
+    rule_score = 0
+    if url.startswith("http"):
+        rule_score = is_phishing_url(url)
+        rule_result = "Phishing" if rule_score >= 3 else "Safe"
+    else:
+        rule_result = "Not Applicable"
+
+    bert_result = bert_classifier(url)[0]
+    label_map = {"LABEL_0": "safe", "LABEL_1": "phishing"}
+    bert_label = label_map.get(bert_result["label"].upper(), "unknown")
+    bert_score = bert_result["score"]
+
+    if rule_result == "Phishing" and (bert_label == "phishing" and bert_score > 0.75):
+        final_decision = "Phishing"
+    else:
+        final_decision = "Safe"
+
+    log_to_csv(url, rule_score, bert_label, bert_score, final_decision)
+    return final_decision
+
+# ---------------- STREAMLIT UI ----------------
+
+st.set_page_config(page_title="Phishing Detector", page_icon="🔍")
+st.title("🔐 Phishing URL & Message Detector")
+
+user_input = st.text_area("Paste a URL or email message below:")
+
+if st.button("Check"):
+    if user_input.strip():
+        result = combined_phishing_detector(user_input.strip())
+        if result == "Phishing":
+            st.error(f"🚨 Detected as: {result}")
+        else:
+            st.success(f"✅ Detected as: {result}")
+    else:
+        st.warning("⚠️ Please enter a valid URL or message.")     

phishing_log.csv

@@ -0,0 +1,134 @@
+https://www.paypal.com/signin,0,phishing,0.99,Safe
+"python -u ""c:\Users\Vanshika\OneDrive\Desktop\phishing_ai_project\urlchecking.py""",0,phishing,0.97,Safe
+http:www.paypal.com,3,phishing,0.99,Phishing
+"python -u ""c:\Users\Vanshika\OneDrive\Desktop\phishing_ai_project\urlchecking.py""",0,phishing,0.97,Safe
+"python -u ""c:\Users\Vanshika\OneDrive\Desktop\phishing_ai_project\urlchecking.py""",0,phishing,0.97,Safe
+https://www.yahoo.com,0,phishing,0.99,Safe
+https://www.google.com,0,phishing,0.99,Safe
+http://abc.com,3,phishing,0.99,Phishing
+https://hazs.com,0,phishing,0.99,Safe
+http://hazs.com,3,phishing,0.99,Phishing
+http://int.xyz,3,phishing,0.99,Phishing
+http://int.in,3,phishing,0.99,Phishing
+https://int.hjhj,0,phishing,0.99,Safe
+http://int.hjhj,3,phishing,0.99,Phishing
+www.abc.com,0,phishing,0.99,Safe
+http://abc.com,3,phishing,0.99,Phishing
+[email protected],N/A,phishing,0.99,Phishing
+https://www.google.com,N/A,phishing,0.99,Safe
+https://yahoo.com,0,phishing,0.99,Safe
+"From: [email protected]
+To: [email protected]
+
+Dear Customer,
+
+We have noticed some unusual activity on your bank account. As a security measure, your account has been temporarily suspended.
+
+To restore access, please verify your identity immediately by clicking the link below:
+
+ Verify Account Now
+
+Failure to verify within 24 hours will result in permanent account suspension.
+
+Thank you for your prompt attention to this matter.
+
+Sincerely,
+Secure Bank Support Team",N/A,phishing,0.98,Phishing
+"Subject: Your July Account Statement is Ready
+
+From: [email protected]
+To: [email protected]
+
+Dear Vanshika,
+
+Your monthly account statement for July 2025 is now available.
+
+To view or download your statement securely, please log in to your NetBanking account using the official HDFC Bank website:
+ https://netbanking.hdfcbank.com
+
+If you have any questions, feel free to contact our support team at [email protected] or call 1800-202-6161.
+
+Thank you for banking with us.
+Warm regards,
+HDFC Bank Customer Care Team",N/A,phishing,0.98,Phishing
+"Subject: Your July Account Statement is Ready
+
+From: [email protected]
+To: [email protected]
+
+Dear Vanshika,
+
+Your monthly account statement for July 2025 is now available.
+
+To view or download your statement securely, please log in to your NetBanking account using the official HDFC Bank website:
+https://netbanking.hdfcbank.com
+
+If you have any questions, feel free to contact our support team at [email protected] or call 1800-202-6161.
+
+Thank you for banking with us.
+Warm regards,
+HDFC Bank Customer Care Team",N/A,phishing,0.98,Phishing
+[email protected],N/A,phishing,0.99,Phishing
+https://google.com,0,phishing,0.99,Safe
+http://abc.com,3,phishing,0.99,Phishing
+"Subject:  Urgent: Account Verification Required
+
+From: [email protected]
+To: [email protected]
+
+Dear Customer,
+
+We have noticed some unusual activity on your bank account. As a security measure, your account has been temporarily suspended.
+
+To restore access, please verify your identity immediately by clicking the link below:
+
+Verify Account Now
+
+Failure to verify within 24 hours will result in permanent account suspension.
+
+Thank you for your prompt attention to this matter.
+
+Sincerely,
+Secure Bank Support Team",N/A,phishing,0.96,Phishing
+"Dear Vanshika,
+
+Your monthly account statement for July 2025 is now available.
+
+To view or download your statement securely, please log in to your NetBanking account using the official HDFC Bank website:
+
+ https://netbanking.hdfcbank.com
+
+If you have any questions, feel free to contact our support team at [email protected] or call 1800-202-6161.
+
+Thank you for banking with us.
+Warm regards,
+HDFC Bank Customer Care Team",N/A,phishing,0.99,Phishing
+https:\\google.com,3,phishing,0.98,Phishing
+https://google.com,0,phishing,0.99,Safe
+https://artbyprab.com,0,phishing,0.99,Safe
+https://amazon.ca,0,phishing,0.99,Safe
+https://fponadala.com,0,phishing,0.99,Safe
+https://fponadala.xyz,0,phishing,0.99,Safe
+https://yahoo.com,0,phishing,0.99,Safe
+https://yahoo.com,0,phishing,0.99,Safe
+https://yahoo.com,0,phishing,0.99,Safe
+https://yahoo.com,0,phishing,0.99,Safe
+https://yahoo.com,0,phishing,0.99,Safe
+https://yahoo.com,0,phishing,0.99,Safe
+https://yahoo.com,0,phishing,0.99,Safe
+https://google.com,0,phishing,0.99,Safe
+https://google.com,0,phishing,0.99,Safe
+https://google.com,0,phishing,0.99,Safe
+https://google.com,0,phishing,0.99,Safe
+https://google.com,0,phishing,0.99,Safe
+https://google.com,0,phishing,0.99,Safe
+https://google.com,0,phishing,0.99,Safe
+http://abc.com,3,phishing,0.99,Phishing
+[email protected],N/A,phishing_url,0.85,Phishing
+[email protected],N/A,legitimate_url,0.99,Safe
+http://127.0.0.1:7860/,5,phishing,0.99,Phishing
+https://google.com,0,phishing,0.99,Safe
+http:cghf.in,3,phishing,0.99,Phishing
+https:google.com,3,phishing,0.99,Phishing
+https://google.com,0,phishing,0.99,Safe
+https://www.udemy.com/course/the-complete-android-kotlin-app-development-a-z-bootcamp/?couponCode=EDC84F1A93ABF128EBA3,1,phishing,0.99,Safe