dnstwist
twistrs
| dnstwist | twistrs | |
|---|---|---|
| 23 | 8 | |
| 4,550 | 87 | |
| - | - | |
| 7.6 | 6.8 | |
| about 1 month ago | 6 months ago | |
| Python | Rust | |
| Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
dnstwist
- Have I Been Squatted?
-
Domain Permutation - HaveIBeenSquatted & dnstwist
I recently stumbled upon 2 cool domain permutation tools: HIBS & dnstwist
-
Accounting got phished. Paid out big bucks
https://dnstwist.it/ - check your domain now
-
Phishing campaign defence advice
You can hunt down evil twin domains with https://dnstwist.it/
- adjacent domain names
- Alternative To Domain Tools
-
Typosquatting list
I periodically run dnstwist and add whatever it finds to our block list.
- List of 26 services for OSINT | BLUE TEAMS | RED TEAMS
-
God damn. In situations like this how can I detect the fake one? This is truly scary.
Pi-hole (with every reasonable blocklist I can find) protects me from many of these domains. NextDNS would be another option for DNS-based blocking for people who don't want to administer it themselves. I also plan to use DNSTwist to generate additional blocklists for typo-based phishing that I can plug into the Pi-hole for important sites.
- Google Search Ads showing fake bitwarden web vault site as top result.
twistrs
- Have I Been Squatted?
-
Domain Permutation - HaveIBeenSquatted & dnstwist
I recently stumbled upon 2 cool domain permutation tools: HIBS & dnstwist
-
Have I Been Squatted? – Check if your domain has been typosquatted
It’s powered by twistrs, a Rust typoesquatting library we authored a while back. It’s not much but I hope you enjoy it – would love to hear your feedback and/or questions!
-
Have I Been Squatted — free DNS typosquatting platform
Regarding your question, we pack a large number of different whois servers in the twistrs library that we then use to perform lookups. I suspect we'll eventually hit the same throttling issue and to be brutally honest, it's unclear what a feasible solution to this would look like at this point in (perhaps throttling whois feature entirely). In your context, where you sending all requests to a single API?
Regarding the domain, the missing vowel should be one of the permutations. If it's not a sensitive domain would you mind opening an issue on twistrs highlighting which domain wasn't caught. If it's sensitive you can simple DM me on Reddit or send an email to juxhin[at]phishdeck.com
-
Have I Been Sqautted – free DNS typosquatting platform
Yes it does, you can take a peak into the internals over here - https://github.com/JuxhinDB/twistrs/blob/3b20ed48c0c567a72d8...
What are some alternatives?
opensquat - The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains.
dnschef - DNSChef - DNS proxy for Penetration Testers and Malware Analysts
noseyparker - Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
urlcrazy - Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
RustScan - 🤖 The Modern Port Scanner 🤖
octoDNS - Tools for managing DNS across multiple providers
Ockam - Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at massive scale.
amass - In-depth attack surface mapping and asset discovery
WhatBreach - OSINT tool to find breached emails, databases, pastes, and relevant information
pupy - Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
Watcher - Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.