dnstwist

module

v1.3.0 Latest Latest Go to latest Published: May 4, 2023 License: Apache-2.0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/hazcod/dnstwist

Links

Open Source Insights

README ¶

dnstwist

This is a tool that will fetch potential typo-squatting or IDN domains which could be targeting your domain for spear phishing. Permutations will be fetched from https://dnstwist.it/.

It will take into account the registration and/or last updated WHOIS information and a potential whitelist.

Domains identified can be sent to Slack for automated alert purposes.

Usage

First create a configuration file:

# log settings, optional
log:
  # log level to use
  level: info

# the domains you'd like to monitor, required
domains:
  # domain(s) to monitor
  watchlist: [domain.com]
  # any domains to ignore
  whitelist: []
  # domains created in the last week
  created_since: 168h

# send alerts to a Slack channel, optional
slack:
  # slack channel webhook
  webhook: https://hooks.slack.com/services/XXX

And then run the tool:

% dnstwist -config=config.yml

You can also set configuration values via environment variables:

% LOG_LEVEL=info DOMAIN_WATCHLIST=domain.com SLACK_WEBHOOK=xxx dnstwist

And use it with the Docker image!

% docker run -ti --rm -e "DOMAIN_WATCHLIST=domain.com" -e "SLACK_WEBHOOK=xxx" ghcr.io/hazcod/dnstwist/dnstwist:latest

Directories ¶

Path	Synopsis
cmd
config
pkg
dnstwist
slack
whois

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL