10 Short links on Cybersquatting domain detection

dnstwist results for covert.io

In this short blog, I share 3 papers and 7 tools that focus on detecting cyber squatting domains (including typosquating, homograph, combosquatting, etc.).

• Detection of Cybersquatted Domains (Master’s Thesis) by Patrick Frischknecht
• Hiding in plain sight: A longitudinal study of combosquatting abuse
• Seven months’ worth of mistakes: A longitudinal study of typosquatting abuse

Tools for generating cybersquatting domains (for use in detection)

• https://github.com/elceef/dnstwist
• https://github.com/atenreiro/opensquat
• http://www.morningstarsecurity.com/research/urlcrazy
• https://github.com/phar/eyephish
• https://github.com/SquatPhish/2-Distributed-Crawler
• https://github.com/SquatPhish/3-Phish-Page-Detection
• https://github.com/SquatPhish/4-Evasion-Obfuscation-Analysis

Lots of other tools/libraries now exist if you need an implementation in a different language. See these github tags for lots more tools: typosquatting, homoglyph, and homograph-attack.

Lastly, if you’re interested in discovering more interesting papers like these, use the method I outlined here.

— Jason

@jason_trost

The “short links” format was inspired by O’Reilly’s Four Short Links series.