New phishing websites are setup every few seconds with intentions on stealing your credentials, infecting your system, or convincing you via social engineering. Most of these sites are distributed and deployed through (mostly crude) automation which usually results in attackers leaving their kits behind. During this talk we will walk through what phish kits are, why they are important for security research, and how you can automate identifying these kits in the wild.