https://lp-db.github.io/lp-db/
Login Pages Database forms a knowledge base on login pages related to malicious activities (C2, phishing, TDS...).
This library uses urlscan.io, allowing to have screenshots of unified size and to have access to the DOM of the pages. In addition, each login page has tags to better define their use cases. Whenever possible, a Malpedia link is also present.
It's possible that some login pages don't correspond to their description or their tags, these data are provided on best effort. In this case, or in order to complete the database, don't hesitate to open an issue/pull request. You can also contact me on Twitter.
It's possible to perform a reverse image search to identify a login page. For best results, it's recommended to use screenshots from urlscan.io. Everything is done client side, the image recognition is based on blockhash perceptual image hashing algorithm.
- misterch0c for the original idea with what_is_this_c2
- C2 Trackers: benkow, CyberCrime-Tracker, ThreatShare and ViriBack
- Everyone who's sharing C2 panels on Twitter
- urlscan.io submitters
- Hedroed and b0oml for the web app