A developer going by the handle parastejpal987cmyk has released two free tools — OpticParse and PhishVision — designed to catch phishing sites that traditional URL reputation databases miss entirely. The API uses AI vision capabilities rather than relying solely on known threat lists, allowing it to identify brand-new phishing domains the moment they go live.
Why Existing Tools Fail
Traditional phishing detection APIs work by cross-referencing URLs against massive databases of known malicious domains. The fundamental flaw in this approach? Brand new phishing sites aren't in any database yet. By the time a threat gets added to these blocklists, attackers have already harvested credentials from thousands of victims. PhishVision sidesteps this entirely by analyzing site content and visual elements rather than checking URLs against a list.
The Prompt Injection Problem
But the project doesn't stop at conventional phishing. According to the DEV.to post, OpticParse is specifically designed to catch prompt injection attacks — a growing threat vector that traditional URL scanners have zero visibility into. Prompt injection involves embedding malicious instructions within website content designed to manipulate AI systems reading the page. Unlike a suspicious domain name, there's nothing inherently "bad" about the URL itself.
How It Works
The system appears to leverage computer vision capabilities to analyze screenshots and visual elements of web pages, comparing them against known phishing templates and brand impersonation patterns. This approach means even freshly registered domains hosting convincing fake login pages get flagged immediately — no database update required.
Key Features
- Free API access with no rate limiting mentioned in the announcement
- AI vision-based detection that bypasses traditional URL blocklists
- Prompt injection detection for sites targeting LLM-powered systems
- Real-time analysis of web page content and visual appearance
- Open approach that could be integrated into existing security stacks
The Bigger Picture
This release highlights a growing gap in enterprise security tooling. As organizations deploy more AI-powered systems that scrape and process web content, prompt injection becomes an increasingly viable attack vector. Having detection mechanisms that understand content-level threats rather than just URL reputation could become essential infrastructure.
The Bottom Line
OpticParse and PhishVision represent a clever shift in phishing detection strategy — moving from reactive database lookups to proactive content analysis. Whether you're protecting users or hardening AI systems against manipulation, these tools are worth keeping on your radar.