Descarga tu guía de trucos informáticos aquí
openSquat Opensource Intelligence OSINT
openSquat Opensource Intelligence OSINT

openSquat: Opensource Intelligence (OSINT)

openSquat is an opensource Intelligence (OSINT) R&D project to identify cyber squatting threats to specific companies or domains, such as domain squatting, typo squatting, IDN homograph attacks, phishing and scams.

What is openSquat?

openSquat is an opensource Intelligence (OSINT) R&D project to identify cyber squatting threats to specific companies or domains, such as:

  • Domain squatting
  • Typo squatting
  • IDN homograph attacks
  • Phishing
  • Doppenganger domains
  • Scams

This is an opensource project so everyone’s welcomed to contribute.

It does support some key features such as:

  • Automatic newly registered domain updating (once a day)
  • Levenshtein distance to calculate word similarity
  • IDN homograph attack detection
  • Use different levels of confidence threshold to fine tune
  • Save output into different formats (txt, JSON and CSV)
  • Can be integrated with other threat intelligence tools and DNS sinkholes

Installation

$ git clone https://github.com/atenreiro/opensquat
$ pip3 install -r requirements.txt

Make sure you have Python 3.6+ and pip3 in your environment

openSquat Demo
openSquat Demo

Usage Examples

# Lazy run with default options
$ python3 opensquat.py

# for all the options
$ python3 opensquat.py -h

To Do / Roadmap

  • Finalise the support for Jaro-Winkler (word similarity)
  • Integration with VirusTotal (VT)
  • Use certificate transparency public database as another source
  • Homograph detection done
  • Improve code quality from B to A grade (codacy)
  • PEP8 compliance
  • Add documentation
Dark Mode

opensquat (este enlace se abre en una nueva ventana) por atenreiro (este enlace se abre en una nueva ventana)

openSquat is an opensource Intelligence (OSINT) R&D project to identify cyber squatting threats to specific companies or domains, such as domain squatting, typo squatting, IDN homograph attacks, phishing and scams.

Más artículos
Comandos para saber IP pública y priva Linux
5 comandos para obtener la dirección IP de Linux