PhishEye is an open‑source, hybrid phishing detection tool that synergizes machine learning with rule‑based verification to tackle modern phishing threats. At its core, an XGBoost classifier trained on 30 structural and lexical URL features such as SSL anomalies, IP usage, and subdomain patterns identifies subtle phishing indicators, while secondary rule‑based filters (e.g., domain‑age heuristics, URL shortening checks) and a real‑time IMAP email scanner inspect headers, attachments, and embedded links for suspicious patterns. A PyQt5‑based GUI presents transparent risk scores alongside AI‑generated feature‑weight visualizations, empowering users with clear, interpretable explanations. In evaluation on 10,000 URLs and 1,200 real emails, PhishEye achieved 94.2 % overall accuracy, a 97.2 % true positive rate in email validation, and reduced false positives by 32 %, all within an end‑to‑end latency of under 400 ms . Key contributions of PhishEye include its novel hybrid detection framework—melding high‑precision ML predictions with human‑readable rule checks—its user‑centric design with contextual tooltips and isolated “safe‑view” modes, and its modular, community‑driven architecture supporting seamless model updates and feature expansions. Use cases span spear‑phishing alerting, invoice‑fraud prevention, and credential‑harvesting detection, demonstrating PhishEye’s versatility across real‑world scenarios.