
ail-typo-squatting

The ail-typo-squatting tool generates potential typo-squatting domain names based on a provided list of legitimate domains. It leverages a permutation engine to identify variations that attackers might use to deceive users into visiting malicious sites, thus enhancing proactive cybersecurity measures within automated workflows.

Ideal Use Cases & Fit

This tool is particularly effective during the reconnaissance phase of security assessments, allowing security teams to anticipate and mitigate risks associated with typo-squatting domains. It best fits scenarios where organizations wish to monitor domains similar to their own or those of competitors. Typical input is a file containing newline-separated domain names. While powerful for domain variation analysis, it may not be suitable for real-time operational monitoring.

Value in Workflows

Incorporating ail-typo-squatting into security workflows streamlines the identification and assessment of potential phishing threats, enabling security teams to take preventive actions. Its integration in automated workflows supports early reconnaissance and threat modeling, ensuring teams can preemptively secure their assets against impersonation by malicious actors.

Input Data

The tool expects a newline-separated list of domain names in a text file. This list serves as the primary target data for the typo-squatting generation process.

Example:

example.com
google.com
test.org

Configuration

  • limit: Defines the maximum number of domain variations generated (default is 1000).
  • give-variations: Enables the output of variations generated by the algorithm.
  • keep-original: Includes the original domain name in the results.
  • all: Uses all available algorithms for generating variations; required to run.
  • omission: Leaves out a letter from the domain name.
  • repetition: Engages the character repeat algorithm.
  • replacement: Uses character replacement methods for variations.
  • double-replacement: Applies the double character replacement algorithm.
  • addition: Adds a character within the domain name.
  • missing-dot: Allows removal of a dot from the domain name.
  • strip-dash: Deletes a dash from the domain name.
  • vowel-swap: Swaps vowels in the domain name for variations.
  • homoglyph: Activates the homoglyph algorithm to substitute visually similar characters.
  • common-misspelling: Uses common misspelling techniques for domain generation.
  • wrong-tld: Changes the original top-level domain to another.
  • subdomain: Creates subdomains by inserting dots at varying positions.
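
To show how the listed algorithms relate to monitoring, the following added example (not ail-typo-squatting's own code) re-implements five of them in simplified form (omission, repetition, missing-dot, strip-dash, wrong-tld) and uses them to label which observed domains are one edit away from a protected domain. All function names and the sample domains are assumptions constructed for illustration.

```python
# Added example: simplified re-implementations, not ail-typo-squatting's code.

def _split(domain):
    """Split 'mail.example.com' into ('mail.example', 'com') at the last dot."""
    name, _, tld = domain.lower().rstrip(".").rpartition(".")
    return name, tld

def _drop_one(domain, droppable):
    """Variants of `domain` with one matching character of the name part removed."""
    name, tld = _split(domain)
    return {f"{name[:i]}{name[i+1:]}.{tld}" for i, c in enumerate(name) if droppable(c)}

def repetition(domain):
    name, tld = _split(domain)
    return {f"{name[:i]}{c}{name[i:]}.{tld}" for i, c in enumerate(name) if c.isalnum()}

ALGORITHMS = {
    "omission": lambda d: _drop_one(d, str.isalnum),
    "repetition": repetition,
    # Simplification: only dots inside the name part, so the TLD stays intact.
    "missing-dot": lambda d: _drop_one(d, lambda c: c == "."),
    "strip-dash": lambda d: _drop_one(d, lambda c: c == "-"),
}

def classify(protected, observed):
    """Return the names of the algorithms that turn `protected` into `observed`."""
    observed = observed.lower().rstrip(".")
    hits = [n for n, fn in ALGORITHMS.items() if observed in fn(protected)]
    (p_name, p_tld), (o_name, o_tld) = _split(protected), _split(observed)
    if p_name == o_name and p_tld != o_tld:  # same name, different TLD
        hits.append("wrong-tld")
    return hits

def scan(protected_domains, observed_domains):
    """Map each observed domain to the (protected domain, algorithm) pairs it matches."""
    report = {}
    for obs in observed_domains:
        matches = [(p, a) for p in protected_domains for a in classify(p, obs)]
        if matches:
            report[obs] = matches
    return report

# Constructed sample data: protected names plus names as they might appear in DNS logs.
PROTECTED = ["example.com", "google.com", "test.org", "mail.my-bank.example"]
OBSERVED = ["exmple.com", "gooogle.com", "test.net", "mailmy-bank.example",
            "mail.mybank.example", "example.com", "unrelated.io"]

if __name__ == "__main__":
    for domain, matches in scan(PROTECTED, OBSERVED).items():
        print(domain, matches)
```

The original domain and unrelated names produce no entry, so the report contains only candidates worth reviewing.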