GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → netevert → Dnsmorph

netevert / Dnsmorph

Licence: mit
Domain name permutation engine written in Go

Programming Languages

go
31211 projects - #10 most used programming language
golang
3204 projects

Labels

dnspenetration-testingpentest-toolphishingthreat-intelligencethreatinteldomains

Projects that are alternatives of or similar to Dnsmorph

Dnstwist
Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
Stars: ✭ 3,124 (+2010.81%)
Mutual labels:  dns, domains, phishing, threat-intelligence
MurMurHash
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (-46.62%)
Mutual labels:  phishing, threatintel, threat-intelligence
censys-recon-ng
recon-ng modules for Censys
Stars: ✭ 29 (-80.41%)
Mutual labels:  penetration-testing, threatintel, threat-intelligence
Tigershark
Bilingual PhishingKit. TigerShark intergrates a vast array of various phishing tools and frameworks, from C2 servers, backdoors and delivery methods in multiple scripting languages in order to suit whatever your deployment needs may be.
Stars: ✭ 212 (+43.24%)
Mutual labels:  penetration-testing, pentest-tool, phishing
Stalkphish
StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
Stars: ✭ 256 (+72.97%)
Mutual labels:  phishing, threat-intelligence, threatintel
Domainfuzz
Domain name permutation engine for detecting typo squatting, phishing and corporate espionage
Stars: ✭ 74 (-50%)
Mutual labels:  dns, domains, phishing
Phishing catcher
Phishing catcher using Certstream
Stars: ✭ 1,232 (+732.43%)
Mutual labels:  phishing, threat-intelligence, threatintel
Erodir
A fast web directory/file enumeration tool written in Rust
Stars: ✭ 94 (-36.49%)
Mutual labels:  penetration-testing, pentest-tool
Vailyn
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-30.41%)
Mutual labels:  penetration-testing, pentest-tool
Intelowl
Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale
Stars: ✭ 2,114 (+1328.38%)
Mutual labels:  threat-intelligence, threatintel
Analyzer
🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Stars: ✭ 108 (-27.03%)
Mutual labels:  phishing, threat-intelligence
Patrowlhears
PatrowlHears - Vulnerability Intelligence Center / Exploits
Stars: ✭ 89 (-39.86%)
Mutual labels:  threat-intelligence, threatintel
Eyes.sh
Let's you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-39.86%)
Mutual labels:  penetration-testing, pentest-tool
Threatbus
🚌 The missing link to connect open-source threat intelligence tools.
Stars: ✭ 139 (-6.08%)
Mutual labels:  threat-intelligence, threatintel
In Spectre Meltdown
This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-41.89%)
Mutual labels:  penetration-testing, pentest-tool
Punk.py
unix SSH post-exploitation 1337 tool
Stars: ✭ 107 (-27.7%)
Mutual labels:  penetration-testing, pentest-tool
1hosts
DNS filter-/blocklists | safe. private. clean. browsing!
Stars: ✭ 85 (-42.57%)
Mutual labels:  dns, domains
Bass
Bass grabs you those "extra resolvers" you are missing out on when performing Active DNS enumeration. Add anywhere from 100-6k resolvers to your "resolver.txt"
Stars: ✭ 104 (-29.73%)
Mutual labels:  dns, domains
Mitm Scripts
🔄 A collection of mitmproxy inline scripts
Stars: ✭ 109 (-26.35%)
Mutual labels:  penetration-testing, pentest-tool
Misp Dashboard
A dashboard for a real-time overview of threat intelligence from MISP instances
Stars: ✭ 142 (-4.05%)
Mutual labels:  threat-intelligence, threatintel
View All Similar Projects ➔

Icon

baby-gopher GitHub release Maintenance GitHub last commit GitHub All Releases Twitter Follow

DNSMORPH is a domain name permutation engine, inspired by dnstwist. It is written in Go making for a compact and very fast tool. It robustly handles any domain or subdomain supplied and provides a number of configuration options to tune permutation runs.

demo

DNSMORPH includes the following domain permutation attack types:

  • Homograph attack (both on single and duplicate characters)
  • Bitsquat attack
  • Hyphenation attack
  • Omission attack
  • Repetition attack
  • Replacement attack
  • Subdomain attack
  • Transposition attack
  • Vowel swap attack
  • Addition attack

Installation

There are two ways to install dnsmorph on your system:

  1. Downloading the pre-compiled binaries for your platform from the latest release page and extracting in a directory of your choosing.

  2. Downloading and compiling the source code yourself by running the following commands:

    • go get -v github.com/netevert/dnsmorph
    • cd /$GOPATH/src/github.com/netevert/dnsmorph
    • go get -v ./...
    • go build

An Arch Linux package is also available.

Usage

Usage menu output 

dnsmorph -d domain | -l domains_file [-girvuw] [-csv | -json]
  -csv
        output to csv
  -d string
        target domain
  -g    geolocate domain
  -i    include subdomain
  -json
        output to json
  -l string
        domain list filepath
  -r    resolve domain
  -u    update check
  -v    enable verbosity
  -w    whois lookup
Run attacks against a target domain 

./dnsmorph -d amazon.com

demo

Run attacks against a list of domains 

./dnsmorph -l domains.txt

demo

Include subdomain in attack 

./dnsmorph -d staging.amazon.com -i

demo

Run dns resolutions against permutated domains 

./dnsmorph -d amazon.com -r

demo

Run geolocation against permutated domains 

./dnsmorph -d amazon.com -g

demo

Run whois lookup against permutated domains 

./dnsmorph -d amazon.com -w

demo

Output results to csv or json 

./dnsmorph -d amazon.com -r -g -csv
./dnsmorph -d amazon.com -r -g -json

demo

Activate verbose output 

./dnsmorph -d staging.amazon.com -v

demo

License

Distributed under the terms of the MIT license, DNSMORPH is free and open source software written and maintained with ❤ by NetEvert.

This tool includes GeoLite2 data created by MaxMind, available from maxmind.com.

Versioning

This project adheres to Semantic Versioning.

Like it?

If you like the tool please consider contributing.

The tool received a few "honourable" mentions, including:

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].