search

elceef / dnstwist

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
https://dnstwist.it
Apache License 2.0
4.81k stars 764 forks source link

[Question] Running dnstwist inside another script #119

Closed danieleperera closed 2 years ago

danieleperera commented 3 years ago

Hi,

I'd like to run dnstwist inside another script with some additional parameters.

import dnstwist
fuzz = dnstwist.DomainFuzz("google.com")
fuzz.generate()
fuzz.domains

[{'domain-name': 'google.com', 'fuzzer': 'Original*'}, {'domain-name': 'googlea.com', 'fuzzer': 'Addition'}, {'domain-name': 'googleb.com', 'fuzzer': 'Addition'}, {'domain-name': 'googlec.com', 'fuzzer': 'Addition'}, {'domain-name': 'googled.com', 'fuzzer': 'Addition'}, {'domain-name': 'googlee.com', 'fuzzer': 'Addition'}, {'domain-name': 'googlef.com', 'fuzzer': 'Addition'}, {'domain-name': 'googleg.com', 'fuzzer': 'Addition'}, 
..................
..................
 'fuzzer': 'Transposition'}, {'domain-name': 'googel.com', 'fuzzer': 'Transposition'}, {'domain-name': 'gaogle.com', 'fuzzer': 'Vowel swap'}, {'domain-name': 'geogle.com', 'fuzzer': 'Vowel swap'}, {'domain-name': 'googlo.com', 'fuzzer': 'Vowel swap'}, {'domain-name': 'googli.com', 'fuzzer': 'Vowel swap'}, {'domain-name': 'guogle.com', 'fuzzer': 'Vowel swap'}, {'domain-name': 'gougle.com', 'fuzzer': 'Vowel swap'}, {'domain-name': 'goegle.com', 'fuzzer': 'Vowel swap'}, {'domain-name': 'goagle.com', 'fuzzer': 'Vowel swap'}, {'domain-name': 'wwgoogle.com', 'fuzzer': 'Various'}, {'domain-name': 'wwwgoogle.com', 'fuzzer': 'Various'}, {'domain-name': 'www-google.com', 'fuzzer': 'Various'}, {'domain-name': 'googlecom.com', 'fuzzer': 'Various'}]

The above code works fine but how can I add the following parameters to the above code?

--debug
--registered
--format=json
--tld=./abused_tlds.txt

Thanks

elceef commented 3 years ago

Please note the following example code is as simple as possible: runs single thread (which makes it slow for most applications) and provides no input validation and error checking.

import dnstwist
import queue

abused_tlds = [x.strip() for x in open('abused_tlds.txt').readlines()]

fuzz = dnstwist.DomainFuzz('google.com', tld_dictionary=abused_tlds)
fuzz.generate()

jobs = queue.Queue()
for j in fuzz.domains:
    jobs.put(j)

worker = dnstwist.DomainThread(jobs)
worker.setDaemon(True)
worker.debug = True
worker.start()

worker.join()

domains = fuzz.permutations(registered=True)
print(dnstwist.create_json(domains))
danieleperera commented 3 years ago

Thanks. In this case do you suggest using subprocess?

    process = subprocess.Popen([
        'dnstwist',
        '--debug',
        '--registered', 
        '--format=json',
        '--tld=./abused_tlds.dict',
        '{}'.format(dns_monitored.domain_name),
    ],stdout=subprocess.PIPE,stderr=subprocess.PIPE)
    stdout = process.communicate()[0]

Plus I'd also like to specify the dns server like 1.1.1.1 or 8.8.8.8. How can I also apply it? Thanks again!

elceef commented 3 years ago

Running it with subprocess would be quick and dirty solution - do not recommend it. Set up more threads and configure them with custom DNS resolvers like this:

worker.option_extdns = True
worker.nameservers = ['1.1.1.1', '8.8.8.8']
sandrajsl commented 3 years ago

I'm relatively new to multiprocessing... How can I apply it to the example above? Or at least point me to the right direction? Thanks!

rafagregs commented 2 years ago

I have the same problem, and the solution aparently deprecated. How can i use dnstwist under a list of domains and catch only registered results? i try this, but i receive thread errors

import dnstwist df['fuzz_count'] = 0

for i in df.index: dominio = df['url_'][i] dados = dnstwist.run(domain = dominio, registered=True) df['fuzz_count'][i] = len(dados)

Please note the following example code is as simple as possible: runs single thread (which makes it slow for most applications) and provides no input validation and error checking.

import dnstwist
import queue

abused_tlds = [x.strip() for x in open('abused_tlds.txt').readlines()]

fuzz = dnstwist.DomainFuzz('google.com', tld_dictionary=abused_tlds)
fuzz.generate()

jobs = queue.Queue()
for j in fuzz.domains:
  jobs.put(j)

worker = dnstwist.DomainThread(jobs)
worker.setDaemon(True)
worker.debug = True
worker.start()

worker.join()

domains = fuzz.permutations(registered=True)
print(dnstwist.create_json(domains))
elceef commented 2 years ago

With introduction of simple API and dnstwist.run(), running the tool within another script should be pretty straightforward. Please refer to the README file.