phinet-secure 1.0.0__py3-none-any.whl

phinet/__init__.py

@@ -0,0 +1,9 @@
+from .model import PHINetBoost
+from .feature_engine import PHINetFeatureEngine
+from .bert_detector import BERTPhishingDetector
+
+__all__ = [
+    "PHINetBoost",
+    "PHINetFeatureEngine",
+    "BERTPhishingDetector"
+]

phinet/bert_detector.py

@@ -0,0 +1,46 @@
+from transformers import BertTokenizer, BertForSequenceClassification
+import torch
+
+
+class BERTPhishingDetector:
+
+    def __init__(self):
+
+        self.tokenizer = BertTokenizer.from_pretrained(
+            "bert-base-uncased"
+        )
+
+        self.model = BertForSequenceClassification.from_pretrained(
+            "bert-base-uncased",
+            num_labels=2
+        )
+
+        self.model.eval()
+
+
+    def preprocess(self, text):
+
+        inputs = self.tokenizer(
+            text,
+            return_tensors="pt",
+            truncation=True,
+            padding=True,
+            max_length=256
+        )
+
+        return inputs
+
+
+    def predict(self, text):
+
+        inputs = self.preprocess(text)
+
+        with torch.no_grad():
+
+            outputs = self.model(**inputs)
+
+        logits = outputs.logits
+
+        prediction = torch.argmax(logits, dim=1).item()
+
+        return prediction

phinet/cli.py

@@ -0,0 +1,44 @@
+import argparse
+import pandas as pd
+
+from phinet import PHINetBoost, PHINetFeatureEngine
+
+
+def main():
+
+    parser = argparse.ArgumentParser()
+
+    parser.add_argument("--email_body", required=True)
+
+    parser.add_argument("--url", default="")
+
+    parser.add_argument("--attachment", default="")
+
+    parser.add_argument("--email_id", default="")
+
+    args = parser.parse_args()
+
+    df = pd.DataFrame([{
+        "email_id": args.email_id,
+        "email_body": args.email_body,
+        "urls": args.url,
+        "attachments": args.attachment
+    }])
+
+    engine = PHINetFeatureEngine()
+
+    X = engine.transform(df)
+
+    model = PHINetBoost()
+
+    model.fit(X, [1])
+
+    prediction = model.predict(X)
+
+    if prediction[0] == 1:
+
+        print("⚠ Phishing Email Detected")
+
+    else:
+
+        print("✓ Legitimate Email")

phinet/email_analyzer.py

@@ -0,0 +1,48 @@
+from .utils import count_suspicious_words, urgency_score
+
+
+class EmailAnalyzer:
+
+    def body_length(self, text):
+
+        if not text:
+            return 0
+
+        return len(text)
+
+
+    def suspicious_word_count(self, text):
+
+        return count_suspicious_words(text)
+
+
+    def urgency_score(self, text):
+
+        return urgency_score(text)
+
+
+    def attachment_risk(self, attachments):
+
+        if not attachments:
+            return 0
+
+        risky = [".exe", ".zip", ".bat", ".scr"]
+
+        for ext in risky:
+
+            if ext in attachments.lower():
+
+                return 1
+
+        return 0
+
+
+    def extract_domain(self, email):
+
+        try:
+
+            return email.split("@")[1]
+
+        except:
+
+            return "unknown"

phinet/feature_engine.py

@@ -0,0 +1,84 @@
+import pandas as pd
+
+from sklearn.preprocessing import LabelEncoder
+from sklearn.feature_extraction.text import TfidfVectorizer
+
+from .url_analyzer import URLAnalyzer
+from .email_analyzer import EmailAnalyzer
+
+
+class PHINetFeatureEngine:
+
+    def __init__(self):
+
+        self.url_analyzer = URLAnalyzer()
+
+        self.email_analyzer = EmailAnalyzer()
+
+        self.domain_encoder = LabelEncoder()
+
+        self.vectorizer = TfidfVectorizer(
+            max_features=200,
+            stop_words="english"
+        )
+
+
+    def transform(self, df):
+
+        features = []
+
+        domains = []
+
+        for _, row in df.iterrows():
+
+            email_body = row.get("email_body", "")
+
+            urls = row.get("urls", "")
+
+            attachments = row.get("attachments", "")
+
+            email_id = row.get("email_id", "")
+
+            domain = self.email_analyzer.extract_domain(email_id)
+
+            domains.append(domain)
+
+            feature_row = {
+
+                "body_length": self.email_analyzer.body_length(email_body),
+
+                "suspicious_words": self.email_analyzer.suspicious_word_count(email_body),
+
+                "urgency_score": self.email_analyzer.urgency_score(email_body),
+
+                "url_count": self.url_analyzer.url_count(urls),
+
+                "https_count": self.url_analyzer.https_count(urls),
+
+                "url_suspicious": self.url_analyzer.suspicious_pattern_score(urls),
+
+                "has_ip": self.url_analyzer.has_ip_address(urls),
+
+                "attachment_risk": self.email_analyzer.attachment_risk(attachments)
+            }
+
+            features.append(feature_row)
+
+        feature_df = pd.DataFrame(features)
+
+        feature_df["sender_domain"] = self.domain_encoder.fit_transform(domains)
+
+        text_data = df["email_body"].fillna("")
+
+        tfidf_matrix = self.vectorizer.fit_transform(text_data)
+
+        tfidf_df = pd.DataFrame(
+
+            tfidf_matrix.toarray(),
+
+            columns=self.vectorizer.get_feature_names_out()
+        )
+
+        final_features = pd.concat([feature_df, tfidf_df], axis=1)
+
+        return final_features

phinet/model.py

@@ -0,0 +1,129 @@
+import numpy as np
+import joblib
+
+from sklearn.ensemble import GradientBoostingClassifier
+from sklearn.ensemble import RandomForestClassifier
+
+from .bert_detector import BERTPhishingDetector
+
+
+class PHINetBoost:
+
+    def __init__(self, n_estimators=150):
+
+        # Traditional ML models
+        self.model1 = GradientBoostingClassifier(
+            n_estimators=n_estimators
+        )
+
+        self.model2 = RandomForestClassifier(
+            n_estimators=n_estimators
+        )
+
+        # AI Deep Learning Model
+        self.bert = BERTPhishingDetector()
+
+        self.is_trained = False
+
+
+    # -----------------------------
+    # Train ML Models
+    # -----------------------------
+    def fit(self, X, y):
+
+        self.model1.fit(X, y)
+
+        self.model2.fit(X, y)
+
+        self.is_trained = True
+
+
+    # -----------------------------
+    # Basic Ensemble Prediction
+    # -----------------------------
+    def predict(self, X):
+
+        if not self.is_trained:
+
+            raise Exception("Model must be trained before prediction")
+
+        p1 = self.model1.predict(X)
+
+        p2 = self.model2.predict(X)
+
+        final_predictions = []
+
+        for i in range(len(p1)):
+
+            if p1[i] + p2[i] >= 1:
+
+                final_predictions.append(1)
+
+            else:
+
+                final_predictions.append(0)
+
+        return np.array(final_predictions)
+
+
+    # -----------------------------
+    # Prediction Probability
+    # -----------------------------
+    def predict_proba(self, X):
+
+        prob1 = self.model1.predict_proba(X)
+
+        prob2 = self.model2.predict_proba(X)
+
+        final_prob = (prob1 + prob2) / 2
+
+        return final_prob
+
+
+    # -----------------------------
+    # AI Enhanced Prediction
+    # -----------------------------
+    def predict_with_ai(self, X, email_text):
+
+        if not self.is_trained:
+
+            raise Exception("Model must be trained before prediction")
+
+        ml_prediction = self.predict(X)[0]
+
+        bert_prediction = self.bert.predict(email_text)
+
+        # Ensemble decision
+        if ml_prediction + bert_prediction >= 1:
+
+            return 1
+
+        return 0
+
+
+    # -----------------------------
+    # Save Model
+    # -----------------------------
+    def save(self, path="phinet_model.pkl"):
+
+        joblib.dump(
+            {
+                "model1": self.model1,
+                "model2": self.model2
+            },
+            path
+        )
+
+
+    # -----------------------------
+    # Load Model
+    # -----------------------------
+    def load(self, path="phinet_model.pkl"):
+
+        data = joblib.load(path)
+
+        self.model1 = data["model1"]
+
+        self.model2 = data["model2"]
+
+        self.is_trained = True

phinet/test_model.py

@@ -0,0 +1,29 @@
+import pandas as pd
+
+from phinet import PHINetBoost, PHINetFeatureEngine
+
+
+def test_prediction():
+
+    df = pd.DataFrame([{
+
+        "email_id": "scammer@fakebank.com",
+
+        "email_body": "Urgent verify your bank account immediately",
+
+        "urls": "http://fakebank-login.com",
+
+        "attachments": "dangerous.zip"
+    }])
+
+    engine = PHINetFeatureEngine()
+
+    X = engine.transform(df)
+
+    model = PHINetBoost()
+
+    model.fit(X, [1])
+
+    prediction = model.predict(X)
+
+    assert prediction[0] == 1

phinet/url_analyzer.py

@@ -0,0 +1,62 @@
+from urllib.parse import urlparse
+from .utils import contains_ip
+
+
+class URLAnalyzer:
+
+    def url_count(self, urls):
+
+        if not urls:
+            return 0
+
+        return len(urls.split())
+
+
+    def https_count(self, urls):
+
+        if not urls:
+            return 0
+
+        return urls.count("https")
+
+
+    def suspicious_pattern_score(self, urls):
+
+        if not urls:
+            return 0
+
+        patterns = [
+            "login",
+            "verify",
+            "secure",
+            "update",
+            "bank"
+        ]
+
+        score = 0
+
+        for p in patterns:
+
+            if p in urls.lower():
+
+                score += 1
+
+        return score
+
+
+    def has_ip_address(self, urls):
+
+        return contains_ip(urls)
+
+
+    def extract_domain(self, url):
+
+        try:
+
+            parsed = urlparse(url)
+
+            return parsed.netloc
+
+        except:
+
+            return "unknown"

phinet/utils.py

@@ -0,0 +1,41 @@
+import re
+
+SUSPICIOUS_WORDS = [
+    "login", "verify", "update", "secure",
+    "bank", "account", "password", "click", "confirm"
+]
+
+URGENCY_WORDS = [
+    "urgent", "immediately", "action required",
+    "verify now", "suspend"
+]
+
+
+def count_suspicious_words(text):
+
+    if not text:
+        return 0
+
+    text = text.lower()
+
+    return sum(word in text for word in SUSPICIOUS_WORDS)
+
+
+def urgency_score(text):
+
+    if not text:
+        return 0
+
+    text = text.lower()
+
+    return sum(word in text for word in URGENCY_WORDS)
+
+
+def contains_ip(url):
+
+    if not url:
+        return 0
+
+    pattern = r'\d+\.\d+\.\d+\.\d+'
+
+    return 1 if re.search(pattern, url) else 0

phinet_secure-1.0.0.dist-info/METADATA

@@ -0,0 +1,18 @@
+Metadata-Version: 2.4
+Name: phinet-secure
+Version: 1.0.0
+Summary: Advanced phishing email detection package using ML and AI
+Author: Vasant Lohar
+Requires-Python: >=3.8
+License-File: LICENSE
+Requires-Dist: pandas
+Requires-Dist: numpy
+Requires-Dist: scikit-learn
+Requires-Dist: transformers
+Requires-Dist: torch
+Requires-Dist: joblib
+Dynamic: author
+Dynamic: license-file
+Dynamic: requires-dist
+Dynamic: requires-python
+Dynamic: summary

phinet_secure-1.0.0.dist-info/RECORD

@@ -0,0 +1,15 @@
+phinet/__init__.py,sha256=maakAkMv-vS6DB-dNm2H-O4C8d4cdItpCJDGS6Ay-gc,222
+phinet/bert_detector.py,sha256=2mJ9FZCY_jH0y933ij85ty07oVpbQwh6a4HwZAWKOso,942
+phinet/cli.py,sha256=lWa7JFH7lzAHZxfdgDBrDo7f8HM2LGbOGndNsAeVwfM,871
+phinet/email_analyzer.py,sha256=hN1cETYEJp9EFcGeD-UkMyw7ZZV-1fhYLAwGi5T6fqg,793
+phinet/feature_engine.py,sha256=b7Ep4Tw3lH7Dzo2W1o5PorqvlpryJIKEkxLbtGJVIRk,2197
+phinet/model.py,sha256=tVThhEY5aFM1jtoUccdHuGsM2lG3zwxMZxEPhUGZ6ak,2709
+phinet/test_model.py,sha256=KuCHS7ZMuIoFi0zV5IyyrE8FGLmGSVw8VengdetfN_E,542
+phinet/url_analyzer.py,sha256=4vg8f-lM-IUN3dsnnVrdTmfPljRwHRFENGyGGqcelu8,970
+phinet/utils.py,sha256=WuspT1R1xSS7YsEFXdDuqqGZyIQ6_oY0iReVGhIuvy0,708
+phinet_secure-1.0.0.dist-info/licenses/LICENSE,sha256=kzjkCfyFFOtP2UAq4WYs--vVYt_lIGW2kqAiQ8NSN_A,189
+phinet_secure-1.0.0.dist-info/METADATA,sha256=5w4Q0WUaHNnjxJUI5tO7jgq88VZEk-2AbgybRtvDicE,453
+phinet_secure-1.0.0.dist-info/WHEEL,sha256=aeYiig01lYGDzBgS8HxWXOg3uV61G9ijOsup-k9o1sk,91
+phinet_secure-1.0.0.dist-info/entry_points.txt,sha256=hBsAwe6WxuLsAW-LuIVYAXOSVH3PlWQisi6Z3IRLstA,48
+phinet_secure-1.0.0.dist-info/top_level.txt,sha256=UOZ_EtqnEH5sL86cNZlrLLzDd92ysmHWCRyyJK4YclE,7
+phinet_secure-1.0.0.dist-info/RECORD,,

phinet_secure-1.0.0.dist-info/WHEEL

@@ -0,0 +1,5 @@
+Wheel-Version: 1.0
+Generator: setuptools (82.0.1)
+Root-Is-Purelib: true
+Tag: py3-none-any
+

phinet_secure-1.0.0.dist-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+phinet-scan = phinet.cli:main

phinet_secure-1.0.0.dist-info/licenses/LICENSE

@@ -0,0 +1,6 @@
+MIT License
+
+Copyright (c) 2026 Vasant Lohar
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software to deal in the Software without restriction.

phinet_secure-1.0.0.dist-info/top_level.txt

@@ -0,0 +1 @@
+phinet