dnsmorph

package module
v0.0.0-...-9cc6ee8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 21, 2023 License: MIT Imports: 28 Imported by: 0

README

Icon

baby-gopher GitHub release GitHub All Releases

DNSMORPH is a domain name permutation engine, inspired by dnstwist. It is written in Go making for a compact and very fast tool. It robustly handles any domain or subdomain supplied and provides a number of configuration options to tune permutation runs.

demo

DNSMORPH includes the following domain permutation attack types:

  • Homograph attack (both on single and duplicate characters)
  • Bitsquat attack
  • Hyphenation attack
  • Omission attack
  • Repetition attack
  • Replacement attack
  • Subdomain attack
  • Transposition attack
  • Vowel swap attack
  • Addition attack
  • Doppelganger attack

Installation

There are two ways to install dnsmorph on your system:

  1. Downloading the pre-compiled binaries for your platform from the latest release page and extracting in a directory of your choosing.

  2. Downloading and compiling the source code yourself by running the following commands:

    • go get -v github.com/netevert/dnsmorph
    • cd /$GOPATH/src/github.com/netevert/dnsmorph
    • go get -v ./...
    • go build

An Arch Linux package is also available.

Usage

Usage menu output 

dnsmorph -d domain | -l domains_file [-girvuw] [-csv | -json]
  -csv
        output to csv
  -d string
        target domain
  -g    geolocate domain
  -i    include subdomain
  -json
        output to json
  -l string
        domain list filepath
  -n    idna format homograph domain
  -r    resolve domain
  -u    update check
  -v    enable verbosity
  -w    whois lookup

Run attacks against a target domain 

./dnsmorph -d amazon.com

demo

Run attacks against a list of domains 

./dnsmorph -l domains.txt

demo

Include subdomain in attack 

./dnsmorph -d staging.amazon.com -i

demo

Run dns resolutions against permutated domains 

./dnsmorph -d amazon.com -r

demo

Run geolocation against permutated domains 

./dnsmorph -d amazon.com -g

demo

Run whois lookup against permutated domains 

./dnsmorph -d amazon.com -w

demo

Output results to csv or json 

./dnsmorph -d amazon.com -r -g -csv
./dnsmorph -d amazon.com -r -g -json

demo

Activate verbose output 

./dnsmorph -d staging.amazon.com -v

demo

License

Distributed under the terms of the MIT license, DNSMORPH is free and open source software written and maintained with ❤ by NetEvert.

This tool includes GeoLite2 data created by MaxMind, available from maxmind.com.

Versioning

This project adheres to Semantic Versioning.

Like it?

If you like the tool please consider contributing.

The tool received a few "honourable" mentions, including:

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AdditionAttack 

func AdditionAttack(domain string) []string

performs an addition attack adding a single character to the domain

func BitsquattingAttack 

func BitsquattingAttack(domain string) []string

performs a bitsquat permutation attack

func DoppelgangerAttack 

func DoppelgangerAttack(domain string) []string

performs a doppelganger attack by removing hypens in subdomain

func HomographAttack 

func HomographAttack(domain string) []string

performs a homograph permutation attack

func HyphenationAttack 

func HyphenationAttack(domain string) []string

performs a hyphenation attack adding hyphens between characters

func OmissionAttack 

func OmissionAttack(domain string) []string

performs an omission attack removing characters across the domain name

func ProcessInput 

func ProcessInput(input string) (sanitizedDomain, tld string)

sanitizes domains inputted into dnsmorph

func RepetitionAttack 

func RepetitionAttack(domain string) []string

performs a repetition attack simulating a user pressing a key twice

func ReplacementAttack 

func ReplacementAttack(domain string) []string

performs a replacement attack simulating a user pressing the wrong keys

func RunPermutations 

func RunPermutations(targets []string)

helper function to specify permutation attacks to be performed

func SubdomainAttack 

func SubdomainAttack(domain string) []string

performs a subdomain attack by inserting dots between characters, effectively turning the domain in a subdomain

func TranspositionAttack 

func TranspositionAttack(domain string) []string

performs a transposition attack swapping adjacent characters in the domain

func Unzip 

func Unzip(src string, dest string) ([]string, error)

Unzip will decompress a zip archive, moving all files and folders within the zip file (parameter 1) to an output directory (parameter 2).

func VowelswapAttack 

func VowelswapAttack(domain string) []string

performs a vowel swap attack

Types

type GeoIPRecord 

type GeoIPRecord struct {
	City struct {
		Names map[string]string `maxminddb:"names"`
	} `maxminddb:"city"`
	Country struct {
		IsoCode string `maxminddb:"iso_code"`
	} `maxminddb:"country"`
}

GeoIPRecord struct

type OutJSON 

type OutJSON struct {
	Results []Record `json:"results"`
}

OutJSON struct

type Record 

type Record struct {
	Technique         string `json:"technique"`
	Domain            string `json:"domain"`
	A                 string `json:"a_record"`
	Geolocation       string `json:"geolocation"`
	WhoisCreation     string `json:"whoiscreation"`
	WhoisModification string `json:"whoismodification"`
}

Record struct

type Target 

type Target struct {
	Technique    string
	TargetDomain string
	Function     func(string) []string
}

Target struct

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.