urlcrazy
Domain typo generator that creates and tests variations of domain names to detect typo squatting, URL hijacking, phishing, and corporate espionage.
Description
urlcrazy generates domain typos and variations for a given domain, helping security professionals identify potential squatting and hijacking risks. It simulates common typing errors to produce similar-looking domains that could be used maliciously.
Use cases include detecting phishing domains, preventing corporate espionage through domain monitoring, and assessing the security of brand domains against typo-based attacks. The tool processes various typo types like character omission and keyboard layout variations.
It requires Ruby dependencies to function fully, with an installation step via bundle install if not pre-configured in Kali Linux.
How It Works
urlcrazy generates typos based on techniques like character omission and keyboard layouts (e.g., Dvorak). It processes hostnames for a target domain, optionally skipping hostname resolution (-r), and outputs a report listing generated typos with their types, country codes, and extensions. Dependencies like ruby-async-dns and ruby-httpclient support async DNS and HTTP operations for testing.
Installation
sudo apt install urlcrazyFlags
Examples
urlcrazy -k dvorak -r example.comurlcrazy -hurlcrazy example.comurlcrazy -r example.comurlcrazy -k dvorak example.combundle install