elceef
commented
1 year ago dnstwist is an active scanner - it resolves many domain name candidates using configured DNS resolvers. If additional features like ssdeep or phash are enabled, the tool will also make direct HTTP requests to the servers behind resolved domain permutations in order to fetch the content.
Hi, Can you please explain the process of the dnstwist in the python package (Who are the requests sent to? from where its get all the details and etc.. ) And another question, if I don't use the ssdeep arg, did it make a request to the suspicious domain site? I tried to go through the code, but I got a little confused, I would appreciate your help. Thanks!