Skip to content
Domain name permutation engine for detecting typo squatting, phishing and corporate espionage
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
database ❤️Open source Apr 28, 2017
dictionaries ❤️Open source Apr 28, 2017
docs/screenshots [UPDATE] Reduce image size Apr 29, 2017
lib ❤️Open source Apr 28, 2017
.eslintrc ❤️Open source Apr 28, 2017
.gitignore ❤️Open source Apr 28, 2017
README.md [UPDATE] 🎉 Add screenshots Apr 29, 2017
cli.js ❤️Open source Apr 28, 2017
config.js ❤️Open source Apr 28, 2017
package.json [FIX] Update the cli file path Dec 27, 2017
yarn.lock ❤️Open source Apr 28, 2017

README.md

DomainFuzz

Find similar-looking domain names that adversaries can use to attack you. Can detect typosquatters, phishing attacks, fraud and corporate espionage. Useful as an additional source of targeted threat intelligence.

Demo

Usage

TODO.

Command util

This project provides a cli tool.

For example, use qq.com as a target:

node cli.js --target qq.com --format csv --out-put qq.csv -c 10 --modules whois,banners,mxcheck,geoip

Options

  • --target <domain> target domain name or URL to check
  • -o --out-put <file> Output filename
  • -f --format <type> Output format (JSON|CSV) [JSON]
  • -c --concurrency <num> start specified NUMBER of concurrency
  • --modules <module> Enable modules (whois|banners|mxcheck|ssdeep|geoip)
  • --nameservers <nameservers> comma separated list of nameservers to query
  • --dictionary <file> generate additional domains using dictionary FILE
  • --registered show only registered domain names (TODO)
  • --can-register show only can register domain names (TODO)

Dependencies

Reference

You can’t perform that action at this time.