Credential phishing is super lame. Sadly it's one of the main workhorses behind financing so much bad stuff that it deserves to be smacked around by a large trout. Over the past year I've written automation to help turn a monumentally mundane task of scraping/screenshotting/archiving and writing snort/suricata signatures for phish. This is not a phishing 101 talk, we will get techincal right off the bat. I will discuss various trends in backend phish templates that have been used to generate Emerging Threats IDS signatures and release scripts that can assist anyone who has an interest in making life harder for these scammers.