dnstwist

We have hosted the application dnstwist in order to run this application in our online workstations with Wine or directly.

Quick description about dnstwist:

dnstwist is an open source cybersecurity tool designed to identify malicious or suspicious domain names that imitate legitimate websites. It works by generating a large set of domain name permutations based on a target domain and analyzing whether any of those variants are actively registered or used. These permutations simulate common techniques used in phishing attacks, typosquatting, and brand impersonation campaigns. Security teams can use the tool to discover potential threats where attackers attempt to deceive users with lookalike domains. dnstwist also helps detect phishing activity by comparing web page content and visual similarity between domains using fuzzy hashing and perceptual hashing techniques. By automating DNS fuzzing and analysis, it provides organizations with an additional source of targeted threat intelligence. The tool can output results in structured formats, making it easier to integrate with security workflows or further analyze suspicious domains.

Features:

• Generates domain permutations using multiple domain fuzzing algorithms
• Detects phishing pages using HTML similarity with fuzzy hashing
• Compares visual similarity of web pages using perceptual hashing
• Identifies rogue MX hosts that could intercept misdirected emails
• Provides GeoIP location information for detected domains
• Exports scan results to CSV or JSON for analysis and automation

Programming Language: Python.
Categories: