PhishAID is built using a modern, cloud-native technology stack designed for simplicity, scalability, and security. Each component of the system is selected to support a rule-based phishing detection workflow while maintaining transparency and ease of deployment.
The stack integrates frontend technologies, backend services, cloud infrastructure, and security layers into a cohesive and maintainable system.
| Layer / Module | Platform / Tool | Technology Used | Purpose / Description |
|---|---|---|---|
| Frontend | GitHub (Public Repository) | HTML, CSS, JavaScript | User interface for URL input and displaying phishing analysis results. |
| Backend | GitHub (Private Repository) | Python, Flask Framework | Handles URL analysis requests and executes phishing detection rules. |
| Rule Engine | Custom Logic | Python (Rule-Based) | Implements explainable phishing detection rules based on URL and domain features. |
| Domain & Hosting | Hostinger | Domain Service | Provides the official domain used for hosting the PhishAID web interface. |
| CORS Handling | Flask CORS | Cross-Origin Resource Sharing | Enables secure communication between frontend and backend services. |
| CDN | Cloudflare CDN | Content Delivery Network | Improves loading speed and reduces latency using global edge caching. |
| Security & DNS | Cloudflare | DNS, WAF, DDoS Protection | Protects the platform against network-level and application-level attacks. |
| Cloud Service | Google Cloud Run | Container Deployment | Runs the backend as a containerized, serverless service. |
| Database | Google Firestore API | NoSQL Database | Stores analysis logs, rule execution results, and metadata. |
| Notification Service | Gmail API | Email Service | Sends phishing alerts and analysis reports to users and administrators. |
| Cloud Deployment | Google Cloud Run | Managed Container Service | Ensures secure, scalable, and automated backend deployment. |
The infrastructure is designed to minimize operational complexity while maintaining strong security guarantees. Static frontend hosting combined with serverless backend deployment reduces maintenance overhead and eliminates single points of failure.
Cloudflare services provide an additional security and performance layer, while Google Cloud Run enables automatic scaling based on request load.
PhishAID’s modular architecture allows individual components such as the rule engine, database, and notification system to be extended or replaced independently. This design supports future enhancements without requiring major architectural changes.
The use of containerization and managed cloud services ensures that the system remains portable, reliable, and easy to deploy across environments.
In later phases, the technical stack can be extended to include advanced analytics dashboards, hybrid AI-assisted detection modules, and integration with threat intelligence feeds while preserving the existing rule-based foundation.