Updated the README.md and similar_projects.md from the master 1.04b r…

…elease (bringing it inline with rest)

dnstwister/dnstwist/docs/README.md

@@ -1,5 +1,9 @@
-dnstwist
-========
+                     _           _            _     _
+                  __| |_ __  ___| |___      _(_)___| |_
+                 / _` | '_ \/ __| __\ \ /\ / / / __| __|
+                | (_| | | | \__ \ |_ \ V  V /| \__ \ |_
+                 \__,_|_| |_|___/\__| \_/\_/ |_|___/\__|
+
 
 See what sort of trouble users can get in trying to type your domain name.
 Find similar-looking domains that adversaries can use to attack you. Can detect
@@ -19,48 +23,30 @@ web pages to see if they are live phishing sites.
 Key features
 ------------
 
-There are several pretty good reasons to give it a try:
-
-- Wide range of efficient domain fuzzing algorithms
+- A wide range of efficient domain fuzzing algorithms
+- Unicode domain names (IDN)
 - Multithreaded job distribution
-- Resolves domain names to IPv4 and IPv6
-- Queries for NS and MX records
+- Queries A, AAAA, NS and MX records
 - Evaluates web page similarity with fuzzy hashes to find live phishing sites
 - Tests if MX host (mail server) can be used to intercept misdirected e-mails
-  (espionage)
-- Generates additional domain variants using dictionary files
+- Additional domain variants using dictionary files
 - GeoIP location information
 - Grabs HTTP and SMTP service banners
 - WHOIS lookups for creation and modification date
-- Prints output in CSV and JSON format
+- Output in CSV and JSON format
 
 
 Requirements
 ------------
 
-If you want *dnstwist* to develop full power, please make sure the following
-Python modules are present on your system. If missing, *dnstwist* will still
-work, but without many cool features. You'll get a notification in absence of
-required module.
-
-- [A DNS toolkit for Python](http://www.dnspython.org/)
-- [Python GeoIP](https://pypi.python.org/pypi/GeoIP/)
-- [Python WHOIS](https://pypi.python.org/pypi/whois)
-- [Requests: HTTP for Humans](http://www.python-requests.org/)
-- [ssdeep Python wrapper](https://pypi.python.org/pypi/ssdeep)
-
-
-Installation
-------------
-
 **Linux**
 
 Ubuntu Linux is the primary development platform. If running Ubuntu 15.04 or
 newer, you can install dependencies like this:
 
 ```
 $ sudo apt-get install python-dnspython python-geoip python-whois \
-python-requests python-ssdeep
+python-requests python-ssdeep python-cffi
 ```
 
 Alternately, you can use Python tooling. This can be done within a virtual
@@ -72,8 +58,6 @@ $ sudo apt-get install libgeoip-dev libffi-dev
 $ BUILD_LIB=1 pip install -r requirements.txt
 ```
 
-Now it is fully equipped and ready for action.
-
 **OSX**
 
 If you're on a Mac, you can install dnstwist via
@@ -89,23 +73,13 @@ file extension, and the binary will be added to `PATH`.
 
 **Docker**
 
-If you use Docker, you can build a local copy:
+If you use Docker, you can pull official image from Docker Hub and run it:
 
 ```
-$ docker build -t dnstwist .
+$ docker pull elceef/dnstwist
+$ docker run elceef/dnstwist example.com
 ```
 
-Then run that local image:
-
-```
-$ docker run dnstwist example.com
-```
-
-If you don't want to build locally here is a list of community maintained
-images:
-
-- [jrottenberg/dnstwist](https://hub.docker.com/r/jrottenberg/dnstwist/)
-
 
 How to use
 ----------
@@ -118,6 +92,14 @@ potential phishing domains with the following DNS records: A, AAAA, NS and MX.
 $ dnstwist.py example.com
 ```
 
+Usually generated list of domains has more than a hundred of rows - especially
+for longer domain names. In such cases, it may be practical to display only
+registered (resolvable) ones using *--registered* argument.
+
+```
+$ dnstwist.py --registered example.com
+```
+
 Manually checking each domain name in terms of serving a phishing site might be
 time consuming. To address this, *dnstwist* makes use of so called fuzzy hashes
 (context triggered piecewise hashes). Fuzzy hashing is a concept which involves
@@ -179,14 +161,6 @@ $ dnstwist.py --csv example.com > out.csv
 $ dnstwist.py --json example.com > out.json
 ```
 
-Usually generated list of domains has more than a hundred of rows - especially
-for longer domain names. In such cases, it may be practical to display only
-registered (resolvable) ones using *--registered* argument.
-
-```
-$ dnstwist.py --registered example.com
-```
-
 The tool is shipped with built-in GeoIP database. Use *--geoip* argument to
 display geographical location (country name) for each IPv4 address.
 
@@ -204,20 +178,33 @@ $ dnstwist.py --help
 Good luck!
 
 
+Coverage
+--------
+
+Along with the length of the domain, the number of variants generated by the
+algorithms increases considerably and therefore the number of DNS queries
+needed to verify them. For example, to check all variants for google.com, you
+would have to send over 300k queries. For the domain facebook.com the number
+increases to over 5 million. How easy it is to guess it takes a lot of
+resources and most importantly even more time. For longer domains checking all
+is simply not possible. For this reason, this tool generates and checks domains
+very close to the original - the Levenshtein distance does not exceed 2.
+Theoretically, these are the most attractive domains from the attacker's point
+of view. However, be aware that the imagination of the aggressors is unlimited.
+
+
 Contact
 -------
 
 To send questions, comments or a chocolate, just drop an e-mail at
 [marcin@ulikowski.pl](mailto:marcin@ulikowski.pl)
 
-You can also reach me via:
+You can also reach the author via:
 
 - Twitter: [@elceef](https://twitter.com/elceef)
 - LinkedIn: [Marcin Ulikowski](https://pl.linkedin.com/in/elceef)
 
-Any feedback is appreciated. I like to receive notifications from satisfied
-customers so if you were able to run the tool and you are happy with the
-results after just let me know.
-
-If you find some confirmed phishing domains with *dnstwist* and are comfortable
-with sharing them, please send me a message. Thank you.
+Any feedback is appreciated. If you were able to run the tool and you are happy
+with the results just let me know. If you find some confirmed phishing domains
+with *dnstwist* and are comfortable with sharing them, also please send me a
+message. Thank you.

dnstwister/dnstwist/docs/similar_projects.md

@@ -39,7 +39,7 @@ https://github.com/seanthegeek/domainaware
 
 DNS Twister
 -----------
-A Google App Engine-hosted version of the very excellent dnstwist.
+A Heroku-hosted application presenting the core dnstwist functionality via
+a web application.
 
-https://github.com/thisismyrobot/dnstwister
-https://dnstwister.appspot.com/
+https://dnstwister.report/