Subdomain swapping fuzzer for .uk TLD?

[nick13jaremek]

Hello,

There is a specific use case that I am unsure whether it is covered by dnstwist. Let me provide all the relevant details for context.

Context

Domains from the .uk TLD can have any of the following second-level domains (SLDs).

• co.uk Commercial entities and purposes
• ltd.uk Private limited companies
• me.uk Personal names
• net.uk Internet Service Providers' infrastructure
• org.uk Not-for-profit entities
• plc.uk Public limited companies

This list has been extracted from the Nominet UK rule book (Appendix A)

Expected use case

Given a domain nrb.org.uk (made up for testing), I get the following nrfb.org.uk in the output, but not nrfb.co.uk, nrfb.plc.uk, etc...which I would expect in this particular scenario, given the .uk rules outlined above.

Here is the piece of code I used to generate the outputs in case it helps:

from dnstwist import Fuzzer, UrlParser

domain = 'nrb.org.uk'
try:
    url = UrlParser(domain)
except Exception as error:
    print(f"invalid domain | domain: {domain}")

fuzz = Fuzzer(url.domain, dictionary=[], tld_dictionary=[])
fuzz.generate()
domains = fuzz.domains

for domain in domains:
    print(domain['domain'])

Is this use case addressed somehow by dnstwist? If yes, how could it be achieved?

I understand this is quite specific, and if it were implemented, it would have to be extended to other TLDs that have a limited set of SLDs, as .uk does, which would increase the complexity of the underlying logic.

I would be happy to work on a PR to cover this scenario, if not covered already.

Thanks in advance!

[elceef]

How about this?

uk_sld = ['co.uk', 'ltd.uk', 'net.uk', 'org.uk', 'plc.uk']
fuzz = Fuzzer(url.domain, tld_dictionary=uk_sld)