DNS TWIST

Image

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

Demo

Lock image

Installation

Python PIP

  • pip install dnstwist[full]

Git

If you want to run the latest version of the code, you can install it from Git:

Debian/Ubuntu/Kali Linux

Invoke the following command to install the tool with all extra packages:

  • sudo apt install dnstwist

Fedora Linux

  • sudo dnf install dnstwist

macOS

This will install dnstwist along with all dependencies, and the binary will be added to $PATH.

  • brew install dnstwist

Docker

Pull and run official image from the Docker Hub:

  • docker run -it elceef/dnstwist

Features

  1. Variety of highly effective domain fuzzing algorithms
  2. Unicode domain names (IDN)
  3. Additional domain permutations from dictionary files
  4. Efficient multithreaded task distribution
  5. Live phishing webpage detection:
  6. HTML similarity with fuzzy hashes (ssdeep)
  7. Screenshot visual similarity with perceptual hashes (pHash)
  8. Rogue MX host detection (intercepting misdirected e-mails)
  9. GeoIP location
  10. Export to CSV and JSON