eth-phishing-detect
Utility for detecting phishing domains targeting Web3 users
The Lens
This is MetaMask's phishing detection library. It maintains a blocklist of known phishing domains targeting crypto users and a fuzzy-matching algorithm that catches typosquatting attempts.
You feed it a domain, it tells you if it's a known phishing site or looks suspiciously similar to a legitimate one. MetaMask uses it internally to warn users before they connect their wallet to a malicious site.
The library itself is simple; it's the maintained blocklist that's valuable. Community-contributed and regularly updated as new phishing campaigns appear.
The catch: this is narrowly focused on Web3/crypto phishing. It won't help with general phishing detection. The blocklist is only as current as the last update; zero-day phishing domains won't be caught until someone reports them. And the license is listed as 'Other'; check the repo for exact terms before integrating commercially.
Free vs Self-Hosted vs Paid
fully freeFully open source. No paid tier, no hosted API, no account needed. You install the npm package and use it in your application. The blocklist updates come through package updates.
No infrastructure cost. It's a client-side library that checks domains against a bundled list.
Free. It's a library with a community-maintained blocklist.
Similar Tools
License: MIT License
Review license manually.
Commercial use: ✗ Restricted
About
- Owner
- MetaMask (Organization)
- Stars
- 1,261
- Forks
- 1,061
- emerging
Explore Further
More tools in the directory
Get tools like this delivered weekly
The Open Source Drop — the best new open source tools, analyzed. Free.