OpenSquat : Detection Of Phishing Domains And Domain Squatting.

OpenSquat is an opensource Intelligence (OSINT) security tool to identify cyber squatting threats to specific companies or domains, such as:

Phishing campaigns
Domain squatting
Typo squatting
Bit squatting
IDN homograph attacks
Doppen ganger domains
Other brand/domain related scams

It does support some key features such as:

Automatic newly registered domain updating (once a day)
Levenshtein distance to calculate word similarity
Fetches active and known phishing domains (Phishing Database project)
IDN homograph attack detection
Integration with VirusTotal
Integration with Quad9 DNS service
Use different levels of confidence threshold to fine tune
Save output into different formats (txt, JSON and CSV)
Can be integrated with other threat intelligence tools and DNS sinkholes

How to Install

git clone https://github.com/atenreiro/opensquat
pip install -r requirements.txt

The “pip install” is just to make sure no new libs were added with the new upgrade.

Usage Examples

Edit the “keywords.txt” with your customised keywords to hunt.

#Lazy run with default options
python opensquat.py
#for all the options
python opensquat.py -h
#Search for generic terms used in phishing campaigns (can lead to false positives)
python opensquat.py -k generic.txt
#With DNS validation (quad9)
python opensquat.py –dns
#Subdomain search
python opensquat.py –subdomains
#Check for domains with open ports 80/443
python opensquat.py –portcheck
#With Phishing validation (Phishing Database)
python opensquat.py –phishing phish_results.txt
#Save output as JSON
python opensquat.py -o example.json -t json
#Save output as CSV
python opensquat.py -o example.csv -t csv
#Conduct a certificate transparency (ct) hunt
python opensquat.py –ct
#Period search – registrations from the last month (default: day)
python opensquat.py -p month
#Tweak confidence level. The lower values bring more false positives
#(0: very high, 1: high (default), 2: medium, 3: low, 4: very low
python opensquat.py -c 2
#All validations options
python opensquat.py –phishing phishing_domains.txt –dns –ct –subdomains –portcheck

Download

R K

Next JNDI-Injection-Exploit : A Tool Which Generates JNDI Links Can Start Several Servers »

Previous « Win-Brute-Logon : Crack Any Microsoft Windows Users Password Without Any Privilege

Ethical Hacking And Penetration Testing Tools – Harnessing Python For Robust Cybersecurity Solutions

This repository contains tools created by yogSahare0 while learning Python 3 for ethical hacking and penetration testing.…

2 days ago

Cyber security

SentinelEye – Automated Wireless Security Toolkit

"NetSecChallenger" provides a suite of automated tools designed for security professionals and network administrators to…

2 days ago

Cyber security

Autohack : Your Step-By-Step Guide To Installation And Setup

The essential tool for cybersecurity enthusiasts! This guide provides a detailed walkthrough on how to…

2 days ago

Cyber security

Poodone – A Comprehensive Toolkit For Cybersecurity Professionals

Meet "Poodone," the ultimate Python script designed for cybersecurity enthusiasts and professionals alike. Packed with…

3 days ago

Pentesting Tools

Unbekannt Framework – The Comprehensive Hacking And Pentesting Suite For Windows

The Linux version is no longer supported! The last Linux version is 6.0 that you…

3 days ago

Cyber security

Jin – Your Hacking CLI Toolkit

Jin is a hacking command-line tools designed to make your scan port, gathering urls, check…

3 days ago

Kali Linux Tutorials