openSquat is an opensource Intelligence (OSINT) R&D project to identify cyber squatting threats to specific companies or domains, such as domain squatting, typo squatting, IDN homograph attacks, phishing and scams.
What is openSquat?
openSquat is an opensource Intelligence (OSINT) R&D project to identify cyber squatting threats to specific companies or domains, such as:
- Domain squatting
- Typo squatting
- IDN homograph attacks
- Phishing
- Doppenganger domains
- Scams
This is an opensource project so everyone’s welcomed to contribute.
It does support some key features such as:
- Automatic newly registered domain updating (once a day)
- Levenshtein distance to calculate word similarity
- IDN homograph attack detection
- Use different levels of confidence threshold to fine tune
- Save output into different formats (txt, JSON and CSV)
- Can be integrated with other threat intelligence tools and DNS sinkholes
Installation
$ git clone https://github.com/atenreiro/opensquat
$ pip3 install -r requirements.txt
Make sure you have Python 3.6+ and pip3 in your environment
Usage Examples
# Lazy run with default options
$ python3 opensquat.py
# for all the options
$ python3 opensquat.py -h
To Do / Roadmap
- Finalise the support for Jaro-Winkler (word similarity)
- Integration with VirusTotal (VT)
- Use certificate transparency public database as another source
Homograph detectiondone- Improve code quality from B to A grade (codacy)
- PEP8 compliance
- Add documentation
opensquat (este enlace se abre en una nueva ventana) por atenreiro (este enlace se abre en una nueva ventana)
The openSquat project is an open-source solution for detecting domain look-alikes by searching for newly registered domains that might be impersonating other legit domains.