phisher 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 7b3ca61c8c2aa9607ca972bc974fa0044575d6be
+  data.tar.gz: 642053a9264be718552610d16e2dae5c1d563a07
+SHA512:
+  metadata.gz: 0942ccf9178a39d551579db63640c129a131fc6af1635a07b36e8795f42dba00d22643781b0f937cdd25d759a953fbc984be56569c61a08640e5767594da80bd
+  data.tar.gz: ac440a37f5409e1c896ff3ee4649fcdfccef7c7117136d7e28534df6c030008ea39c751c72d0efd834bc2ccf62ef2f0286ccfc19f5af30354b6adb30f0371677

data/.document

@@ -0,0 +1,5 @@
+lib/**/*.rb
+bin/*
+- 
+features/**/*.feature
+LICENSE.txt

data/Gemfile

@@ -0,0 +1,14 @@
+source "http://rubygems.org"
+# Add dependencies required to use your gem here.
+# Example:
+#   gem "activesupport", ">= 2.3.5"
+
+# Add dependencies to develop your gem here.
+# Include everything needed to run rake, tests, features, etc.
+group :development do
+  gem "minitest", ">= 0"
+  gem "rdoc", "~> 3.12"
+  gem "bundler", "~> 1.0"
+  gem "jeweler", "~> 2.0.1"
+  gem "simplecov", ">= 0"
+end

data/Gemfile.lock

@@ -0,0 +1,65 @@
+GEM
+  remote: http://rubygems.org/
+  specs:
+    addressable (2.3.6)
+    builder (3.2.2)
+    descendants_tracker (0.0.4)
+      thread_safe (~> 0.3, >= 0.3.1)
+    docile (1.1.5)
+    faraday (0.9.0)
+      multipart-post (>= 1.2, < 3)
+    git (1.2.8)
+    github_api (0.12.2)
+      addressable (~> 2.3)
+      descendants_tracker (~> 0.0.4)
+      faraday (~> 0.8, < 0.10)
+      hashie (>= 3.3)
+      multi_json (>= 1.7.5, < 2.0)
+      nokogiri (~> 1.6.3)
+      oauth2
+    hashie (3.3.1)
+    highline (1.6.21)
+    jeweler (2.0.1)
+      builder
+      bundler (>= 1.0)
+      git (>= 1.2.5)
+      github_api
+      highline (>= 1.6.15)
+      nokogiri (>= 1.5.10)
+      rake
+      rdoc
+    json (1.8.1)
+    jwt (1.0.0)
+    mini_portile (0.6.0)
+    minitest (5.4.2)
+    multi_json (1.10.1)
+    multi_xml (0.5.5)
+    multipart-post (2.0.0)
+    nokogiri (1.6.3.1)
+      mini_portile (= 0.6.0)
+    oauth2 (1.0.0)
+      faraday (>= 0.8, < 0.10)
+      jwt (~> 1.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (~> 1.2)
+    rack (1.5.2)
+    rake (10.3.2)
+    rdoc (3.12.2)
+      json (~> 1.4)
+    simplecov (0.9.1)
+      docile (~> 1.1.0)
+      multi_json (~> 1.0)
+      simplecov-html (~> 0.8.0)
+    simplecov-html (0.8.0)
+    thread_safe (0.3.4)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (~> 1.0)
+  jeweler (~> 2.0.1)
+  minitest
+  rdoc (~> 3.12)
+  simplecov

data/LICENSE.txt

@@ -0,0 +1,20 @@
+Copyright (c) 2014 fhur
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,58 @@
+phisher
+-------
+
+Phishing detection gem
+
+## Usage
+
+To import `phisher` simply
+
+```ruby
+gem install phisher
+```
+
+## Phishy links
+To check if a url is phishy simply call
+```ruby
+phisher.verify("www.google.com") # => :safe
+phisher.verify("faizbook.nz") # => :phishy
+phisher.verify("someunknownsite.com") # => :unknown
+```
+
+## Black and White lists
+
+Phisher can be trained to reject any url in a blacklist and verify any
+url in a whitelist.
+
+```ruby
+phisher = Phisher.new
+
+# A list of urls, can optionaly contain wildards i.e. myblog.blogger.com/*
+phisher.blacklist = blacklisted_links
+
+# A list of whitelisted domains. Can also contain wildcards
+phisher.whitelist = whitelisted_domains
+
+```
+
+## Training a Phisher
+
+Black/White lists are great but they do have drawbacks, namely they are
+not easily extensible. To improve Phisher you should train it to detect
+phishing. 
+
+## Contributing to phisher
+
+* Check out the latest master to make sure the feature hasn't been implemented or the bug hasn't been fixed yet.
+* Check out the issue tracker to make sure someone already hasn't requested it and/or contributed it.
+* Fork the project.
+* Start a feature/bugfix branch.
+* Commit and push until you are happy with your contribution.
+* Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
+* Please try not to mess with the Rakefile, version, or history. If you want to have your own version, or is otherwise necessary, that is fine, but please isolate to its own commit so I can cherry-pick around it.
+
+## Copyright
+
+Copyright (c) 2014 fhur. See LICENSE.txt for
+further details.
+

data/Rakefile

@@ -0,0 +1,50 @@
+# encoding: utf-8
+
+require 'rubygems'
+require 'bundler'
+begin
+  Bundler.setup(:default, :development)
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+require 'rake'
+
+require 'jeweler'
+Jeweler::Tasks.new do |gem|
+  # gem is a Gem::Specification... see http://guides.rubygems.org/specification-reference/ for more options
+  gem.name = "phisher"
+  gem.homepage = "http://github.com/fhur/phisher"
+  gem.license = "MIT"
+  gem.summary = %Q{Simple and extensible phishing detection gem}
+  gem.description = %Q{Simple and extensible phishing detection gem}
+  gem.email = "fernandohur@gmail.com"
+  gem.authors = ["fhur"]
+  # dependencies defined in Gemfile
+end
+Jeweler::RubygemsDotOrgTasks.new
+
+desc "Run all minitest tests"
+task :test do
+  Dir.glob("./test/**_spec.rb").each { |file| require file }
+end
+
+desc "Code coverage detail"
+task :coverage do
+  require 'simplecov'
+  SimpleCov.start
+  Rake::Task['test'].execute
+end
+
+task :default => :test
+
+require 'rdoc/task'
+Rake::RDocTask.new do |rdoc|
+  version = File.exist?('VERSION') ? File.read('VERSION') : ""
+
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title = "phisher #{version}"
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end

data/lib/phisher/algo.rb

@@ -0,0 +1,30 @@
+class Algo
+
+  attr_reader :weight
+
+  # Creates a new instance of the algorithm with the given weight
+  #
+  # Arguments:
+  #   {float} weight    the weight assigned to this algorithm.
+  #
+  def initialize(weight)
+    @weight = weight
+  end
+
+  # Calculates the risk that a given url is phishy or safe.
+  #
+  # Risk is measured from 0 to 1 both inclusive where a risk
+  # of 0 means that the url is completely safe and a risk of
+  # 1 means that the url is completely phishy
+  #
+  # Arguments:
+  #   {string} url    The url whose risk will be calculated
+  #
+  # Returns:
+  #   A float in [0..1] indicating the risk of the given url
+  #
+  def risk(url)
+    raise 'Subclasses must override risk(url) method'
+  end
+
+end

data/lib/phisher/knn.rb

@@ -0,0 +1,121 @@
+#
+# Knn : K-Nearest-Neighbor
+#
+# the KNN algorithm is very simple
+# Given a set of labeled training data, <x,f(x)> , a new input will
+# be compared with each x to determine the distance. After this the class
+# of the k-closest distances will be chosen
+#
+#
+# Usage Example:
+#
+# knn = Knn.new
+#
+# print "training Knn... "
+# 10.times do |i|
+#   klazz = 0
+#   klazz = 1 if i >= 5
+#   knn.train([i],klazz)
+# end
+#
+# puts "[done]"
+# knn.data_set.each_with_index {|klass,index| p "class #{index}: #{klass}"}
+#
+# puts "Classifying a few inputs"
+# 20.times do |i|
+#   test = i.to_f/2
+#   print "#{test} =>"
+#   puts knn.classify([test])
+# end
+#
+
+class Knn
+
+  attr_reader :training_set
+  attr_reader :default_distance
+
+  def initialize()
+    @training_set = []
+    @default_distance = lambda do |array1, array2|
+      squares_sum = array1.zip(array2).map do |item|
+        (item[0] - item[1])**2
+      end
+      Math.sqrt(squares_sum.reduce(:+))
+    end
+  end
+
+  # Returns the class closest to the data point for a
+  # given K
+  #
+  # Arguments:
+  #   {Array} data an array
+  #   {integer} k the number of classes to consider
+  #   {block} distance an optional block in case you want
+  #           to provide a custom distance function
+  #
+  # Returns:
+  #   The class that the data array should belong to
+  #
+  def classify(data, k, &distance)
+
+    if distance == nil
+      distance = @default_distance
+    end
+
+    distances = @training_set.map do |training_point|
+      [ distance.call(training_point.data, data), training_point.label ]
+    end
+    sorted_distances = distances.sort
+    nearest_neightbors = sorted_distances.first(k)
+    classes = nearest_neightbors.map { |neighbor| neighbor[1] }
+    class_frequencies = get_class_frequencies(classes)
+    most_frequent(class_frequencies)
+  end
+
+  # Classifies an array with the given label.
+  #
+  # Arguments:
+  #   {Array} data the array that will be labeled
+  #   {symbol} label an identifier for the label
+  #
+  # Returns:
+  #   An instance of the training set
+  def train(data, label)
+    training_point = TrainingPoint.new data, label
+    @training_set.push training_point
+  end
+
+
+
+  private
+
+  # Given an array of where each element is a class label
+  # this method returns the frequency of each label
+  def get_class_frequencies(class_array)
+    freqs = {}
+    class_array.each do |clazz|
+      freqs[clazz] = 0 unless freqs[clazz]
+      freqs[clazz] += 1
+    end
+    return freqs
+  end
+
+  # Given a map of class => frequency(class)
+  # This method returns the class with the highest
+  # frequency.
+  # If more than one class has the highest frequency
+  # this method can return any of those classes.
+  def most_frequent(class_frequencies)
+    most_frequent_class = nil
+    highest_frecuency = -1
+    class_frequencies.each do |clazz, freq|
+      if freq > highest_frecuency
+        most_frequent_class = clazz
+      end
+    end
+    return most_frequent_class
+  end
+
+end
+
+class TrainingPoint < Struct.new(:data, :label); end

data/lib/phisher/phisher.rb

@@ -0,0 +1,58 @@
+require 'phisher/url_list'
+
+class Phisher
+
+  attr_reader :blacklist
+  attr_reader :whitelist
+  attr_reader :algos
+
+  # Initializes a Phisher with a whitelist, blacklist and set of phishing detection algorithms
+  #
+  # Arguments:
+  #   {Array} blacklist   an array of blacklisted urls as strings
+  #   {Array} whitelist   an array of whitelisted urls as strings
+  #   {Array} algos       an array of Algo subclasses
+  #
+  def initialize(blacklist: [], whitelist: [], algos: [])
+    @blacklist = Blacklist.new blacklist
+    @whitelist = Whitelist.new whitelist
+    @algos = algos
+  end
+
+  # Calculates the risk for a given url by testing the url against a blacklist, whitelist and a
+  # set of phishing detection algorithms.
+  #
+  # This method follows the following rules:
+  # 1. If the url is blacklisted then 1 is immediately returned
+  # 2. If the url is whitelisted then 0 will be returned
+  # 3. If neither (1.) nor (2.) occur then the url is tested agains the list of algorithms provided
+  #    to the Phisher. The result is calculated as the weighted average of each algorithm's weight
+  #    multiplied by the algorithm's risk score.
+  #
+  # Arguments:
+  #   {String} url a url to test for safety
+  #
+  # Returns:
+  #   A float between 0 and 1 indicating the risk associated with the url where 0 is the minimum
+  #   amount of risk and 1 is the max risk.
+  #
+  def verify(url)
+
+    # First check if the url is included in the blacklist, if so then return 1 (max risk)
+    blacklisted = @blacklist.include? url
+    return 1 if blacklisted
+
+    # If the url is not blacklister, check if it is whitelisted and if so return 0 (min risk)
+    whitelisted = @whitelist.include? url
+    return 0 if whitelisted
+
+    # if the url is neither black nor white listed then calcualte the weighted risk of the url
+    # by each registered phishing detection algorithm
+    weight_adjusted_risk = @algos.map do |algo|
+      algo.risk(url)*algo.weight
+    end
+
+    return weight_adjusted_risk.reduce(:+)
+  end
+
+end

data/lib/phisher/url_list.rb

@@ -0,0 +1,35 @@
+require 'phisher/url_parser'
+
+# Base class for a blacklist and whitelist
+class UrlList
+  include UrlParser
+
+  attr_reader :list
+
+  def initialize(list=[])
+    @list = list.map do |url|
+      parse(url)
+    end
+  end
+
+  def include?(url)
+    @list.each do |regex|
+      return true if regex.match(url)
+    end
+    return false
+  end
+
+  def << (url)
+    regex = parse(url)
+    @list.push(regex)
+  end
+
+  def size
+    @list.size
+  end
+
+end
+
+class Blacklist < UrlList; end
+
+class Whitelist < UrlList; end

data/lib/phisher/url_parser.rb

@@ -0,0 +1,11 @@
+module UrlParser
+
+  # Converts a url with wildcards to a regex
+  #
+  # Example:
+  #
+  #   "*.google.com" to /.*\.google\.com/
+  def parse(url)
+    /\A#{url.gsub('/','\/').gsub('.','\.').gsub('*','.*')}\z/
+  end
+end

data/test/algo_spec.rb

@@ -0,0 +1,23 @@
+require 'minitest/autorun'
+require 'phisher/algo'
+
+describe Algo do
+
+  describe 'constructor' do
+    it 'should set the weight of the Algo instance' do
+      weight = 0.5
+      algo = Algo.new weight
+      algo.weight.must_equal weight
+    end
+
+  end
+
+  describe 'risk(url)' do
+    it 'should raise an error' do
+      algo = Algo.new 1
+      assert_raises RuntimeError do
+        algo.risk('http://google.com')
+      end
+    end
+  end
+end

data/test/helpers.rb

@@ -0,0 +1,25 @@
+module TestHelpers
+
+  # Asserts that the size of a list increments by the
+  # given amount after the given block is executed.
+  #
+  # Example
+  # list = []
+  # assert_list_inc list, 2 do
+  #   list += [1,2]
+  # end
+  #
+  # Should pass because the list is incremented by 2.
+  #
+  # Arguments:
+  #   {Array} init_list the initial array
+  #   {integer} amount the amount that is expected to be
+  #                    incremented. Defaults to 1.
+  #   {block} an arbitrary block of code
+  def assert_list_inc(init_list, amount=1, &block)
+    dup_list = init_list.dup
+    yield(block)
+    init_list.size.must_equal(dup_list.size + amount)
+  end
+
+end

data/test/knn_spec.rb

@@ -0,0 +1,119 @@
+require 'phisher/knn'
+require 'minitest/autorun'
+require_relative './helpers'
+
+describe Knn do
+  include TestHelpers
+
+  before :each do
+    @knn = Knn.new
+    @rand_list = lambda do |size|
+      Array.new(size + 1) { rand }
+    end
+  end
+
+  describe 'default_distance' do
+
+    before :each do
+      @dist = @knn.default_distance
+    end
+
+    it 'should be greater than or equal to 0' do
+      20.times do |i|
+        d = @dist.(@rand_list.(i), @rand_list.(i))
+        (d >= 0).must_equal true
+      end
+    end
+
+    it 'should return 0 when two points are equal' do
+      20.times do |i|
+        point = @rand_list.(i)
+        @dist.call(point, point).must_equal 0
+      end
+    end
+
+
+    # symmetric: d(x,y) == d(y,x)
+    it 'should be symmetric' do
+      20.times do |i|
+        point_a = @rand_list.(i)
+        point_b = @rand_list.(i)
+        @dist.call(point_a, point_b).must_equal(
+          @dist.call(point_b, point_a)
+        )
+      end
+    end
+
+    # Triangle inequality: d(x,z) ≤ d(x,y) + d(y,z)
+    it 'should satisfy the triangle inequality' do
+      20.times do |i|
+        x = @rand_list.(i)
+        y = @rand_list.(i)
+        z = @rand_list.(i)
+        dist_sum = @dist.(x,y) + @dist.(y,z)
+        (@dist.(x,z) <= dist_sum).must_equal true
+      end
+    end
+  end
+
+  describe 'train' do
+
+    it 'should increase the size of the training set' do
+      1.upto(20) do |i|
+        assert_list_inc @knn.training_set, i do
+          i.times do
+            data = @rand_list.(i)
+            label = rand.to_s.to_sym
+            result = @knn.train(data, label)
+            point = result.last
+            point.data.must_equal data
+            point.label.must_equal label
+          end
+        end
+      end
+    end
+  end
+
+  describe 'classify' do
+
+    #
+    # Initialize the following scenario
+    #
+    # 5 . . . C C
+    # 4 . . . . C
+    # 3 . A . . .
+    # 2 A B B . .
+    # 1 A A A . .
+    # 0 1 2 3 4 5
+    #
+    # Dot means there is nothing at that location A,B,C
+    # means that there is a point label with A,B,C at the
+    # given coordinates
+    #
+    before :each do
+      [[1,1], [2,1], [3,1], [1,2], [2,3]].each do |point|
+        @knn.train(point, :a)
+      end
+      [[2,2], [3,2]].each do |point|
+        @knn.train(point, :b)
+      end
+      [[5,4],[4,5],[5,5]].each do |point|
+        @knn.train(point, :c)
+      end
+    end
+
+    it 'should classify new points' do
+
+      @knn.classify([2,4], 1).must_equal :a
+      @knn.classify([6,6], 2).must_equal :c
+      @knn.classify([7,7], 3).must_equal :c
+      @knn.classify([7,7], 3).must_equal :c
+
+      @knn.classify([2,2], 1).must_equal :b
+      @knn.classify([2,2], 2).must_equal :a
+      @knn.classify([2,2], 3).must_equal :a
+    end
+
+  end
+
+end

data/test/phisher_spec.rb

@@ -0,0 +1,66 @@
+require 'minitest/autorun'
+require 'phisher/phisher'
+require 'phisher/algo'
+
+class MockAlgo < Algo
+
+  def initialize(risk, weight)
+    super(weight)
+    @risk = risk
+  end
+
+  def risk(url)
+    @risk
+  end
+end
+
+describe Phisher do
+
+  before :each do
+    @whitelist = ['*.foo.com','*.bar.bz','baz.nl/*','qux.org']
+    @blacklist = ['lee.com','facebook.com','gmail.nl', 'gmail.nl/*']
+    @algos = [ MockAlgo.new(0.5, 0.2), MockAlgo.new(0.1, 0.5), MockAlgo.new(0.9,0.3)]
+    @phisher = Phisher.new whitelist: @whitelist, blacklist: @blacklist, algos: @algos
+  end
+
+
+  describe 'initialize' do
+    it 'should initialize the blacklist' do
+      phisher = Phisher.new whitelist: @whitelist
+      phisher.whitelist.size.must_equal @whitelist.size
+    end
+
+    it 'should initialize the white list' do
+      phisher = Phisher.new blacklist: @blacklist
+      phisher.blacklist.size.must_equal @blacklist.size
+    end
+
+    it 'should initialize the algo list' do
+      phisher = Phisher.new algos: @algos
+      phisher.algos.must_equal @algos
+    end
+  end
+
+  describe 'verify' do
+
+    it 'should return 1 for a blacklisted url' do
+      ['lee.com', 'facebook.com', 'gmail.nl', 'gmail.nl/some', 'gmail.nl/site'].each do |url|
+        @phisher.verify(url).must_equal 1
+      end
+    end
+
+    it 'should return 0 for a whitelisted url' do
+      ['asd.foo.com', 'boo.bar.bz', 'baz.nl/', 'baz.nl/my-site', 'qux.org'].each do |url|
+        @phisher.verify(url).must_equal 0
+      end
+    end
+
+    it 'should return the weighted average of the algorithms result and their weight' do
+      risk = @phisher.verify('someohtersite.com')
+      risk.must_equal 0.5*0.2 + 0.1*0.5 + 0.9*0.3
+    end
+
+  end
+
+
+end

data/test/url_list_spec.rb

@@ -0,0 +1,51 @@
+require 'minitest/autorun'
+require 'phisher/url_list'
+
+describe UrlList do
+
+  describe 'constructor' do
+    it 'should initialize the UrlList with the given wildcard urls ' do
+      bl = UrlList.new ["a.com", "*.a.b", "foo.org/*"]
+      bl.list.size.must_equal 3
+    end
+  end
+
+  describe 'include?' do
+
+    before :each do
+      @bl = UrlList.new ['foo.org', 'fee.com', 'a.b.c/*', '*.bar.net']
+    end
+
+    it 'should return true when url is part of blacklist' do
+      includes = ['foo.org','fee.com', 'a.b.c/', 'a.bar.net'].map do |url|
+        @bl.include? url
+      end
+      result = includes.reduce(true) { |curr, acum| acum and curr }
+      result.must_equal true
+    end
+
+    it 'should return false when url is part of blacklist' do
+      includes = ['foo.orgo','a.fee.com', 'a.bee.c/', 'bar.netbiz'].map do |url|
+        @bl.include? url
+      end
+      result = includes.reduce(false) { |curr, acum| acum or curr }
+      result.must_equal false
+    end
+  end
+
+  describe "<<" do
+
+    it "should increase the size of a UrlList" do
+
+      @list = UrlList.new
+      urls = ['facebook.com','google.com','dropbox.com','github.com/*']
+      urls.each do |url|
+        @list << url
+      end
+      @list.size.must_equal urls.size
+
+    end
+
+  end
+
+end

data/test/url_parser_spec.rb

@@ -0,0 +1,30 @@
+require 'minitest/autorun'
+require 'phisher/url_parser'
+
+describe UrlParser do
+
+  include UrlParser
+
+  describe "parse" do
+
+    it "should convert * wildcards to .* regex" do
+
+      parse("*.google.com").must_equal(/\A.*\.google\.com\z/)
+      parse("*.google.*").must_equal(/\A.*\.google\..*\z/)
+      parse("*").must_equal(/\A.*\z/)
+    end
+
+    it "should match all urls matching wildcard" do
+      parse("*.google.com").match("foo.google.com").wont_be_nil
+      parse("google.*").match("google.com/page").wont_be_nil
+      parse("*.google.com/*").match("foo.google.com/").wont_be_nil
+      parse("google.com/*/foo").match("google.com/a/b/c/foo").wont_be_nil
+    end
+
+    it "should not match urls that don't match wildcard" do
+      parse("google.com/*").match("foo.google.com/site").must_be_nil
+    end
+
+  end
+
+end

metadata

@@ -0,0 +1,133 @@
+--- !ruby/object:Gem::Specification
+name: phisher
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- fhur
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-11-30 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: minitest
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rdoc
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.12'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.12'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: jeweler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.0.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.0.1
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Simple and extensible phishing detection gem
+email: fernandohur@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files:
+- LICENSE.txt
+- README.md
+files:
+- ".document"
+- Gemfile
+- Gemfile.lock
+- LICENSE.txt
+- README.md
+- Rakefile
+- lib/phisher.rb
+- lib/phisher/algo.rb
+- lib/phisher/knn.rb
+- lib/phisher/phisher.rb
+- lib/phisher/url_list.rb
+- lib/phisher/url_parser.rb
+- test/algo_spec.rb
+- test/helpers.rb
+- test/knn_spec.rb
+- test/phisher_spec.rb
+- test/url_list_spec.rb
+- test/url_parser_spec.rb
+homepage: http://github.com/fhur/phisher
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.2
+signing_key: 
+specification_version: 4
+summary: Simple and extensible phishing detection gem
+test_files: []