search

typosquatter / ail-typo-squatting

Generate list of potential typo squatting domains with domain name permutation engine to feed AIL and other systems.
https://typosquatter.github.io/ail-typo-squatting/
BSD 2-Clause "Simplified" License
72 stars 4 forks source link

[feature πŸ”–] - Check if generated list "match" with registered domain #13

Open Sn0wAlice opened 9 months ago

Sn0wAlice commented 9 months ago

Hello

i am wondering if that could be interesting to add a feature on ail-typo-squatting.

What ?

Ok we can check DNS status of generated domain list. But it could be interesting to perform check of a domain has been recently generated (like 24h ago, or 7days) and check for domain that can just don't have any dns record yet.

How ?

Algorithmically speaking, it's just a fetch of a database, and a match between the generated list / dump of recent register domain

User

User infra: a cron task (or a github action) that run every morning a notify him if a new suspicious domain has been registered

idk if that is a good idea, but that can be useful for real-time threat detection ☺️

Sn0wAlice commented 9 months ago

Update

I have done some research, it's easy to do. I just need the approval that this is not a stupid idea and I will do it πŸ˜„

DavidCruciani commented 9 months ago

Hi @Sn0wAlice, It's a super idea but we prefer to keep this library in its basic usage: detect typosquatting. Anyway a dedicate tool for that seems more appropriate. Don't hesitate to paste the link here for us to contribute and use it too. Best.