¶ Punycode Phishing Domains
¶ About
This tool can generate Punycode domain names that can be used during phishing tests
The issue with Punycode is that an attacker can create a spoof website with a URL that looks exactly the same like the real website. It relies on the way that many browsers interpret punycode.
Firefox and Safari seems to be vulnerable to punycode phishing attack currently.
¶ Flag:
FROM python:2.7-alpine3.9
ENV PYTHONUNBUFFERED=1
WORKDIR /wd
RUN apk add --no-cache --virtual .build-deps git \
&& git clone https://gist.github.com/natrix-fork/08bbae0385bf5db5530289e89f5659a9 . \
&& apk del .build-deps
RUN pip install --no-cache-dir ipwhois
ENTRYPOINT ["python", "genPunycodeDomain.py"]
CMD ["--help"]
¶ Used facts:
Generated available phishing domain names
¶ Screenshots of results:
¶ Category:
Domain/Phishing
¶ Audit tags:
Old, Fast, Enumerate, Malware Detection, Discovery, Leaks
¶ DISCLAIMER:
This program is used for educational and ethical purposes only. I take no responsibility for any damages caused from using this program. By downloading and using this software, you agree that you take full responsibility for any damages and liability.