elceef / dnstwist

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
https://dnstwist.it
Apache License 2.0

Homograph detection mistake #174

Closed julotools closed 1 year ago

julotools commented 1 year ago

The PoC homograph attack "аррӏе.com" is not detected by dnstwist for the real website "apple.com".

Some characters are missing from the glyph list in the file dnstwist.py, line 408, in: self.glyphs = {

Ex.: "аррӀе" -> "apple"
"а" (U+0430) -> a
"р" (U+0440) -> p
"Ӏ" (U+04C0) -> l
"е" (U+0435) -> e

But there are others to add like: "оօᴑᴄсѕгсԀԁց", the detail

elceef commented 1 year ago

In general, TLD authorities disallow mixing of characters coming from different Unicode scripts or maintain their own sets of acceptable characters. There are very few Cyrillic characters that look like Latin ones, and since you can't mix them, the use cases are extremely limited. Are you able to provide a similar example to apple.com (xn--80ak6aa92e.com)?

julotools commented 1 year ago

Examples only with Cyrillic characters:

Perfectly:

Not so bad:

Pretty bad:

elceef commented 1 year ago

Very well. Pull the latest code and test it:

$ ./dnstwist.py --fuzzer cyrillic apple.com
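
The check discussed in this thread, from the monitoring side, as an added example that is not part of the issue or of dnstwist's code: it decodes an observed label (including the xn-- form quoted above), maps Cyrillic lookalikes to Latin and reports whether the match is whole-script or mixed-script. The lookalike table is a small assumed subset and the function names are hypothetical.

```python
import unicodedata

# Assumed, partial Cyrillic -> Latin lookalike table for this example only
# (it is not dnstwist's glyph table).
CYR_TO_LAT = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
    "\u0441": "c", "\u0443": "y", "\u0445": "x", "\u0455": "s",
    "\u0456": "i", "\u0458": "j", "\u04c0": "l", "\u04cf": "l",
}

def decode_label(label):
    """Return the Unicode form of one DNS label (xn-- A-labels are decoded)."""
    if label.lower().startswith("xn--"):
        return label[4:].encode("ascii").decode("punycode")
    return label

def scripts(label):
    """Coarse script of each letter, read from its Unicode character name."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in label if ch.isalpha()}

def skeleton(label):
    """Replace every known Cyrillic lookalike with its Latin counterpart."""
    return "".join(CYR_TO_LAT.get(ch, ch) for ch in label)

def check(domain, brand):
    """Classify the label left of the TLD in `domain` against `brand`."""
    label = decode_label(domain.split(".")[-2]).lower()
    target = brand.lower().split(".")[-2]
    if label == target:
        return "same"
    if skeleton(label) != target:
        return "no match"
    # A single-script label is not caught by a registry's mixed-script rule.
    return "whole-script lookalike" if scripts(label) == {"CYRILLIC"} else "mixed-script lookalike"

if __name__ == "__main__":
    # Constructed sample input; the first entry is the A-label quoted in the thread.
    observed = ["xn--80ak6aa92e.com", "\u0430pple.com", "apple.com", "example.com"]
    for d in observed:
        print(f"{d!r:32} {check(d, 'apple.com')}")
```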