PhishGuard is a hybrid phishing detection platform that combines rule-based heuristics and machine learning to detect malicious URLs and phishing emails — with explainable risk scoring so users understand why something was flagged.
| Target | Accuracy |
|---|---|
| Malicious URL Detection | 87.8% |
| Phishing Email Detection | 99.2% |
PhishGuard runs two independent detection pipelines — one for URLs, one for emails — each combining a rule engine with a trained ML model.
┌────────────────────────────────────────┐
│ Flask Web App │
│ app/app.py + templates/ │
└───────────────┬────────────────────────┘
│
┌──────────────┴──────────────┐
│ │
┌──────▼──────┐ ┌──────▼──────┐
│ URL Input │ │ Email Input │
└──────┬──────┘ └──────┬──────┘
│ │
┌──────▼──────┐ ┌──────▼──────┐
│ url_rules │ │ email_rules │ ← Rule-based heuristics
└──────┬──────┘ └──────┬──────┘ (rules/)
│ │
┌──────▼──────┐ ┌──────▼──────┐
│url_features │ │email_features│ ← Feature extraction
└──────┬──────┘ └──────┬──────┘ (features/)
│ │
┌──────▼────────────┐ ┌───────────▼─────────────┐
│phishing_url_model │ │ phishing_email_model │ ← Trained ML models
│ .pkl │ │ + email_tfidf_vectorizer│ (model/)
└──────┬────────────┘ └───────────┬─────────────┘
│ │
└──────────────┬──────────────┘
│
┌──────▼──────┐
│ Risk Score │
│ + Verdict │
└─────────────┘
URL Detection
url_rules.pyapplies rule-based heuristic checks on the URL structureurl_features.pyextracts numerical features from the URLphishing_url_model.pkl(trained ML model) classifies based on those features- A combined risk score and verdict is returned
Email Detection
email_rules.pyapplies heuristic checks on email headers and contentemail_features.pyextracts features from the email body and metadataemail_tfidf_vectorizer.pklvectorizes the text contentphishing_email_model.pklclassifies the vectorized input- A combined risk score and verdict is returned
| Layer | Technology |
|---|---|
| Web Framework | Python, Flask |
| Frontend | HTML, CSS (served via Flask templates) |
| ML Models | scikit-learn (.pkl — separate models for URL and email) |
| Text Vectorization | TF-IDF (email_tfidf_vectorizer.pkl) |
| Feature Engineering | Custom Python modules (url_features.py, email_features.py) |
| Rule Engine | Custom Python modules (url_rules.py, email_rules.py) |
phishguard/
├── app/
│ ├── app.py # Flask application — routes & detection logic
│ ├── static/ # CSS, JS, and static assets
│ └── templates/ # HTML templates
├── features/
│ ├── url_features.py # Feature extraction for URLs
│ ├── email_features.py # Feature extraction for emails
│ └── feature_order.txt # Defines feature vector ordering
├── model/
│ ├── phishing_url_model.pkl # Trained URL classifier
│ ├── phishing_email_model.pkl # Trained email classifier
│ ├── email_tfidf_vectorizer.pkl # TF-IDF vectorizer for email text
│ ├── load_model.py # URL model loader
│ └── load_email_model.py # Email model loader
├── rules/
│ ├── url_rules.py # Heuristic rules for URL detection
│ └── email_rules.py # Heuristic rules for email detection
├── utils/ # Shared utility functions
├── requirements.txt
└── runtime.txt
- Python 3.x
- pip
git clone https://github.com/Adnan-commits/phishguard.git
cd phishguard
pip install -r requirements.txtcd app
python app.pyThen open http://localhost:5000 in your browser.
Adnan Bardgujar LinkedIn · GitHub
⚠️ PhishGuard is an academic project. It is not intended as a production-grade security tool without further dataset validation and hardening.