SPOT - Spear-Phishing Overwatching Tool¶
SPOT is an open-source email-security platform that decides whether each incoming message is a spear-phishing or business-email-compromise attempt and helps the operator act on the verdict. It runs a chosen set of classifiers against every email, enriches the analysis with organisational context, and exposes the result through a dashboard and an API.
Where to start¶
The documentation is split by audience:
| You are … | Start with |
|---|---|
| Trying SPOT for the first time | Platform → Concepts → How SPOT works |
| Installing SPOT for production | Platform → Admin guide and Deployment |
| Using SPOT day to day | Web UI → Operator guide |
| Building a plugin | SDK |
| Reporting a vulnerability | SECURITY.md |
| Contributing | CONTRIBUTING.md |
What SPOT does¶
SPOT receives email through a mail retriever of your choice (SMTP, IMAP, …), enriches it with organisational facts deposited by context providers (employee directory, partner-domain list, policy wiki, …), runs it through one or more analyzers (NLP, LLM, rule-based, threat-intelligence, classical ML, …), and produces a verdict: phishing yes/no, threat level, confidence, indicators, and a recommended action.
Operators see the verdict, the original email, and the contributing analyzers in a dashboard. They can adjust the policies that govern how analyzers combine, install or update plugins, browse the knowledge that providers have deposited, and inspect every analysis SPOT has ever produced.
Links¶
| Resource | Where |
|---|---|
| Source code (all repositories) | codeberg.org/SPOT_Project |
| Container images | hub.docker.com/u/spotproject |
| Python SDK | pypi.org/project/spot-sdk-python |
| TypeScript SDK | npmjs.com/package/spot-sdk-typescript |
| Models library | huggingface.co/spotproject |
The documentation in this site is built from the docs in the Codeberg repositories above.
License¶
SPOT is published under the Apache License 2.0. See LICENSE.