Solution

Phishing OSINT research platform for universities and cyber labs

Research teams need defensible data, not just screenshots or raw blocklists: source provenance, confirmation states, redaction boundaries, graph relationships and longitudinal snapshots.

Request demoRead researchOpen dashboard

Direct answer

Can universities use the public research pages as citations? Yes. Research articles include canonical URLs, citation snippets, selected sources and fixed public-safe observation modules when published.

Research questions PhishNet supports

PhishNet supports studies on Belgian/Benelux phishing trends, social-engineering psychology, mule-route behavior, source overlap, evidence readiness, country differences, kit reuse, campaign DNA, active OSINT ethics and infrastructure behavior.

What is unique

The platform combines Belgian official warnings, global feeds, CT/URL evidence, source quality, public-safe daily snapshots, active OSINT under authorization, kit weakness intelligence and a fraud-route graph that connects domains, URLs, phones, IBANs, wallets, handles, evidence, sources and campaigns.

Data access model

Public pages expose sanitized modules and citations; authenticated research partnerships can access deeper operational datasets with provenance, role controls, redaction status and export formats such as CSV, JSONL, STIX, MISP and graph exports.

Visual and empirical outputs

Researchers can use brand/TLD matrices, source-overlap matrices, evidence-readiness pipelines, CT-to-liveness timelines, mule-route graphs and country comparison snapshots as reproducible starting points for papers, theses, policy notes and applied security studies.

How PhishNet uses this

Inside PhishNet this topic is treated as operational graph context: observations are linked to sources, evidence, Belgian relevance, confirmation state, liveness, campaigns and exports. Public pages explain the method; authenticated users can pivot into the full platform workflow when a signal needs investigation or handoff.

Selected sources and research

These pages combine PhishNet platform knowledge with public research, official Belgian sources and open OSINT documentation.

APWG Phishing Activity Trends Reports ENISA Threat Landscape 2025 Why Phishing Works, Dhamija, Tygar and Hearst, CHI 2006 CCB Belgium: phishing messages surge

Common questions

Can universities use the public research pages as citations?

Yes. Research articles include canonical URLs, citation snippets, selected sources and fixed public-safe observation modules when published.

Can PhishNet provide deeper data for a research project?

Yes, through authenticated access and export agreements that preserve operational security, sensitive-data controls and provenance.

Does public research expose dangerous IOCs?

No. Public examples are redacted; operational IOCs remain inside authenticated PhishNet workflows except raw secrets and victim data, which stay restricted.

Related reading

Knowledge

Phishing OSINT research

How open-source phishing research becomes operational intelligence for public-sector and CERT teams.
Knowledge

The phishing knowledge graph

Why phishing intelligence becomes more powerful when indicators are connected into a graph.
Knowledge

Phishing kit weakness intelligence

How kit reuse, exposed panels, debug artifacts and webhook patterns support CERT-safe investigations.