What the bot does
Phish Grabber is simple to setup using slash commands and is a advance link moderation bot. Bot uses 3 different phishing/malware APIs to detect known phishing domains and sanction users. Phish Grabber have databases of over 400 000 phishing/malware domains.
The detection types varies heavily depending on how you configurate the bot. By default, it can detect known discord/epic/steam related domains.
You can however enable several features to add additional securities that would give you heuristic protection against unreported domains by enabling Content scan/youtube.
Content Scan/Youtube acts as your first line of defense against unknown/not yet reported phishing domains/url.
Flags any domains depending on the html content inside of the website and match against your blacklisted keywords. This means that you don't even need to know the exact url to block bad links.
Content scan/Youtube can be useful for blocking specific links rather than domains as some bad actors may use legitimate website to advertise their malicious links. Such examples could be blocking youtube links that have video titles such as: "How to get free discord nitro", "get free steam games" "how to become rich with mining".
Setup
By default, the bot works without any configurations and can automatically detect known phishing domains and sanction the users.
However if you wish utilize the bots full potential in protecting your server then it may be a good idea to setup the bot.
Step 1
/logchannel set-channel channel:
Step 2
/punishment set scanner:
You are done configurating!
Commands:
/punishment set
Configure punishment type the bot should issue when punishing a user./punishment set-timeout-duration
This is where you configure how long the timeout should last. For duration, type any numbers after that, then run the command. It will then prompt you what unit you should use which in this case is seconds, minutes, hours, days or weeks./punishment view
Display what punishment the bot is currently configured to./contentscan add-keywords
Content scans basically scans all domains except youtube links as it uses a separate function. By adding keywords, the bot will download websites html content and match it against your blacklisted keywords./contentscan list-keywords
Showcase the amount of keywords you configured./contentscan remove-keywords
Remove the keywords from bot current list. If you added this in your phrase "apple, potato", then you need to type exactly that to remove those keywords./youtube add-keywords
Same concept as content scan commands except that this only applies to youtube links. By adding keywords, the bot will download websites html content and match it against your blacklisted keywords./youtube list-keywords
Showcase a list of keywords you configured./youtube remove-keywords
Remove youtube keywords./logchannel set-channel channel
Configure to a channel where the bot can send logs of deleted messages./logchannel show-channel
Show what channels it is currently configured to, if any./ignorechannel add-channel
Bot will not scan anything in that channel. Useful for staff channels to discuss about the links./ignorechannel list-channels
Showcase a list of amount of channels you chosen to ignore./ignorechannel remove-channel
Remove listed channels./ignorerole add-role
Bot will not scan any of the users messages that contains links if they have a ignored role./ignorerole list-roles
Showcase a list of amount of ignored roles/ignorerole remove-role
Remove ignored roles/punishment set
Configure punishment type the bot should issue when punishing a user./punishment set-timeout-duration
This is where you configure how long the timeout should last. For duration, type any numbers after that, then run the command. It will then prompt you what unit you should use which in this case is seconds, minutes, hours, days or weeks./punishment view
Display what punishment the bot is currently configured to./whitelist add-domain
Add whitelisted domain where bot will ignore scanning that specific domain./whitelist list-domains
Showcase a list of whitelisted domains./whitelist remove-domain
Remove a domain from the whitelistHeuristic detection:
Commands that are custom flagging:
/youtube add-keywords keywords:
/contentscan add-keywords keywords: //Scans any kind of domains/links
If executing this command with "orange, apple, banana", this will count as 1 phrase!
The bot will use these 3 separate words and try match against the html content from a domain. It doesn't matter which order these words are posted. As long as the html content contains all of these 3 words, the bot will flag that domain and sanction the user accordingly.
You can configure additional phrase such as "gold, red, yellow, pink, purple" which means the bot will then scan websites content for any of these phrases.
Note that the bot will not flag the website if the content does not contain all words from the same phrase. Example if the html content contains these words only:
Phrase 1 gold, red Phrase 2 apple
Then the bot will not flag the url. It must contain all words from the specific phrases to flag a domain.