# PhishDestroy — Anti-Phishing Threat Intelligence Platform

> PhishDestroy is a volunteer-driven, real-time phishing detection and monitoring platform that tracks, analyzes, and reports malicious domains targeting users worldwide. Over 107,000 domains analyzed.

## About

PhishDestroy provides comprehensive threat intelligence on phishing domains, crypto drainers, and online scams. The platform monitors over 107,000 domains with automated detection, analysis, and reporting. Founded in 2021, the project operates as a volunteer-driven initiative focused on dismantling phishing infrastructure.

## Core Services

- **Domain Reports** (`/domain/`): Detailed security analysis for any domain — VirusTotal scores, WHOIS data, SSL certificates, IP geolocation, registrar info, threat classification, AI-powered analysis, and risk assessment. Over 107,000 reports available.
- **Live Threat Feed** (`/live/`): Real-time stream of newly detected phishing domains as they are discovered and analyzed.
- **Domain Hub** (`/domain/?page=hub`): Searchable directory of all analyzed domains with filtering by threat type, registrar, risk level, brand impersonation target, and more.
- **Phishing Wallets Database** (`/phishing-wallet/`): Database of cryptocurrency wallet addresses linked to phishing operations, with transaction analysis and victim statistics.
- **DeFi Hack Explorer** (`/hack-wallet`): Comprehensive database of DeFi hacks and exploits with stolen funds tracking.
- **Registrar Statistics** (`/registrar-stats/`): Global analysis of domain registrars by abuse rates, risk scores, and phishing domain concentration.
- **Analytics Dashboard** (`/analytics/`): Platform-wide statistics and trends in phishing activity.

## Security Tools & Resources

- **Security Tools Directory** (`/tools`): Curated collection of cybersecurity tools for threat detection and prevention.
- **Privacy Arsenal** (`/privacy-arsenal`): Comprehensive guide to digital privacy tools and practices.
- **Security Checklist** (`/security-checklist`): Step-by-step personal cybersecurity hardening guide.
- **Anti-Phishing Tools** (`/tools-for-fighting`): Specialized tools for identifying and combating phishing attacks.
- **Crypto Security Guide** (`/crypto-security`): Best practices for securing cryptocurrency wallets and transactions.
- **Emergency Response** (`/critical-action`): Immediate steps to take if you've been phished or compromised.

## Investigations & Research

- **News & Investigations** (`/news`): In-depth investigations into phishing networks, scam operations, and cybercrime infrastructure.
- **Scam Intelligence** (`/destroy-scammers`): Intelligence reports on active scam networks and their operators.
- **Impact Metrics** (`/impact-metrics`): Measurable impact data — 400K+ phishing domains disrupted.

### Featured Investigations
- *$100K Returned: Malvertising Crypto Scam Dismantled* (`/100k-returned-malvertising`)
- *BuyTRX Drainer Exposed* (`/buytrx-drainer-exposed`)
- *Crypto Drainer Networks Exposed* (`/crypto-drainer-networks`)
- *Keitaro TDS Exposed: Traffic Distribution Systems* (`/keitaro-tds-exposed`)
- *Fake Casino Epidemic: 5 Scam Panels Exposed* (`/fake-casino-panels-exposed`)
- *Trust Wallet Phishing Panel: $239K Stolen* (`/trustwallet-panel-exposed`)
- *xmrwallet.com Exposed: 10 Years of Stolen Keys* (`/xmrwallet-exposed`)
- *TheProject: Inside a $10M Scam Mentorship Empire* (`/theproject-scam-empire`)
- *TON Scam Network: 4,000 Russian Scammers Exposed* (`/russian-ton-scam`)
- *NiceNIC Investigation: ICANN Registrar Enabling Cybercrime* (`/nicenic-real`)
- *Registrars Enabling Global Scams* (`/registrars-enabling-global-scams`)
- *Scam Teams: MercuryTeam, WasabiSquad & 717Team* (`/scam-team-operations`)
- *Scam Infrastructure Exposed: 4 Backends Dissected* (`/scam-infrastructure-exposed`)

## API & Developer Access

- **Destroy API** (`https://api.destroy.tools`): RESTful API for querying domain threat data programmatically.
- **Domain Analyzer** (`https://analyze.destroy.tools`): Online tool for instant domain security analysis.
- **LLM Context** (`/llm.txt`): Machine-readable site description for AI/LLM integration.

## Threat Detection Capabilities

- Real-time phishing domain detection via VirusTotal (211 API keys), Google Safe Browsing, and custom blocklists
- Crypto drainer identification (wallet drainer scripts, approval phishing, clipboard hijacking)
- Brand impersonation detection (logos, page titles, domain similarity)
- WHOIS/RDAP registrar enrichment for abuse tracking
- AI-powered threat analysis and summary generation (Mistral, Gemini, OpenAI, Rytr)
- Automated screenshot capture for evidence preservation
- SSL certificate analysis and IP geolocation

## Reporting & Contact

- **Report a Threat**: via Telegram bot `@PhishDestroy_bot`
- **Submit Appeal**: `/appeals/` — if your domain was incorrectly flagged
- **Responsible Disclosure**: `/responsible-disclosure`
- **Social**: X/Twitter `@Phish_Destroy`, GitHub `phishdestroy`, Mastodon `@phishdestroy@mastodon.social`

## Legal

- Terms of Service: `/terms`
- Privacy Policy: `/privacy`
- DMCA: `/dmca`
- GDPR: `/gdpr`
- Security Policy: `/security`
- Cookie Policy: `/cookies`
- Disclaimer: `/disclaimer`
- Acceptable Use: `/acceptable-use`
- Copyright: `/copyright`

## Technical Stack

- PHP + MySQL backend with 107,000+ domain records
- Real-time daemon processing new threats 24/7
- Multi-provider AI text generation (Mistral, Gemini, OpenAI, Rytr)
- VirusTotal integration (211 keys), Google Safe Browsing (8 keys)
- WHOIS/RDAP enrichment for registrar data
- Automated OG card generation for social sharing
- IndexNow for instant search engine indexing
- Custom CSS design system with particle effects and dark theme