Program

/

CODE BLUE 2025

Time Table

TOAMI (Casting Net): A Browser Extension Tool for Supporting Phishing Hunters

DAY 2

13:00-13:40

This presentation introduces “TOAMI,” a browser extension tool designed to assist phishing hunters.

TOAMI is an open-source tool developed for phishing hunters to detect phishing sites in real-time. Unlike traditional phishing site detection, which primarily focuses on identifying corporate brand misuse, TOAMI analyzes phishing kits using Indicators of Kit (IoK) to identify malicious sites.

As a browser extension, TOAMI enables anyone to easily conduct site investigations with minimal setup.

When TOAMI is activated, investigation logs, site screenshots, and other relevant data are automatically collected and saved locally. Phishing sites often employ techniques like cloaking to prevent re-access to the same site. TOAMI’s functionality allows it to capture crucial evidence, such as screenshots, even when cloaking techniques are used, thereby avoiding issues like inaccessible sites or missing data.

  • Location :

    • Track 3(Room 3)

  • Category :

    • Bluebox

  • Share :

Speakers

  • 坪井 祐一 の写真

    Yuichi Tsuboi

    坪井 祐一

    Yuichi Tsuboi is a Cyber Threat Intelligence Operations Architect at NTT Docomo Business, Inc. He has been involved in the development of security systems since around 2012, and has participated in various security-related projects, including the development, maintenance, and operation of the "WideAngle RTMD" service, part of NTT Docomo Business's comprehensive security risk management service "WideAngle." In recent years, he has focused on anti-phishing measures, giving presentations as a "Phishing Hunter" at security conferences such as JSAC2024, Information Security Workshop in Echigo-Yuzawa, and the JPAAWG 7th General Meeting, and dedicating himself to enlightenment activities and the dissemination of best practices. He is a Senior Certified Professional (Security Principal) under the NTT Group's security certification program and holds a CISSP certification.