search

atenreiro / opensquat

The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.
https://opensquat.com
GNU General Public License v3.0
685 stars 130 forks source link

Add Dnstwist-inspired enumeration option or approach to expand domains reviewed beyond the newly registered #86

Open OrlandoMD opened 1 year ago

OrlandoMD commented 1 year ago

I propose we bolster our phishing detection capabilities by factoring an Dnstwist-based option or capability for OpenSquat. Dnstwist is adept at identifying potential phishing domains by generating derivative attack domains from an inputted domain, making it a crucial asset in phishing prevention. Hosted web site to try it out: https://dnstwister.report/ Further details on Dnstwist can be found here: https://github.com/elceef/dnstwist. Article: https://www.bleepingcomputer.com/news/security/dnstwist-helps-you-find-phishing-sites-based-on-your-domain/

atenreiro commented 1 year ago

Hello @OrlandoMD

The DNS Fuzzing method is interesting, but it may take some time to develop this feature unless someone joins the development team.

maaaaz commented 1 year ago

Good idea. Take a look at this also: https://github.com/typosquatter/ail-typo-squatting