twistrs VS dnstwist

I recently stumbled upon 2 cool domain permutation tools: HIBS & dnstwist

It’s powered by twistrs, a Rust typoesquatting library we authored a while back. It’s not much but I hope you enjoy it – would love to hear your feedback and/or questions!

Regarding your question, we pack a large number of different whois servers in the twistrs library that we then use to perform lookups. I suspect we'll eventually hit the same throttling issue and to be brutally honest, it's unclear what a feasible solution to this would look like at this point in (perhaps throttling whois feature entirely). In your context, where you sending all requests to a single API?

Regarding the domain, the missing vowel should be one of the permutations. If it's not a sensitive domain would you mind opening an issue on twistrs highlighting which domain wasn't caught. If it's sensitive you can simple DM me on Reddit or send an email to juxhin[at]phishdeck.com

Yes it does, you can take a peak into the internals over here - https://github.com/JuxhinDB/twistrs/blob/3b20ed48c0c567a72d8...

I recently stumbled upon 2 cool domain permutation tools: HIBS & dnstwist

https://dnstwist.it/ - check your domain now

You can hunt down evil twin domains with https://dnstwist.it/

I periodically run dnstwist and add whatever it finds to our block list.

Pi-hole (with every reasonable blocklist I can find) protects me from many of these domains. NextDNS would be another option for DNS-based blocking for people who don't want to administer it themselves. I also plan to use DNSTwist to generate additional blocklists for typo-based phishing that I can plug into the Pi-hole for important sites.