Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New Algorithm feature requests #4

Open
TiiTcHY opened this issue Jan 23, 2023 · 7 comments
Open

New Algorithm feature requests #4

TiiTcHY opened this issue Jan 23, 2023 · 7 comments

Comments

@TiiTcHY
Copy link

TiiTcHY commented Jan 23, 2023

Hello,

Would it be possible to get the following algorithms added:

• Wrong Second Level Domain
• Ordinal Number Swap
• Cardinal Number Swap
• Hyphenation
• Combo squatting

Also possibly get detection for (vpn, account, my. E.G vpn-domain, vpn.domain, account-domain, account.domain, my.domain, my-domian)
@DavidCruciani
Copy link
Collaborator

Hello @TiiTcHY ,

  • Wrong SLD implementation
  • Number Swap implementation
  • What you call Hyphenation is the algo called addDash
  • You want the possibility to combine different algo ?

@TiiTcHY
Copy link
Author

TiiTcHY commented Feb 13, 2023

Hi @DavidCruciani Thanks for the turn around on this.

Are you referring to the Combo squatting or the other suggestion?

for combo squatting i guess it would be a combo of different algo.

The other suggestion would help detect sites pretending to be a VPN/Log in page.

TiiTcHY added a commit to TiiTcHY/TypoSquat-Domain-Comparison that referenced this issue Feb 14, 2023
@TiiTcHY
Update README.md
8adb896 
Updated to reflect the changes to the tool from typosquatter/ail-typo-squatting#4
@DavidCruciani
Copy link
Collaborator

Hi @TiiTcHY ,
I was referring to the Combo squatting. If I understood correctly you want the possibility to mix different algo to generate one variation. For example: omission + wrongTld : circl.lu -> crcl.fr.
Is it what you want ?

Regarding the detection:
You want to know if a page contain any logging system and/or if it's about vpn login ?
Do you want to identified if it's a fake too ?

@TiiTcHY
Copy link
Author

TiiTcHY commented Feb 28, 2023

Hi @DavidCruciani,

Correct regarding the combo squatting.

yes so be able to detect variations of login/vpn pages. so detect vpn-goole.co.uk myaccount.goole.co.uk/com

Also I have carried out the following analysis of other tools and compared the algorithms they use if its of any use to you. https://github.com/TiiTcHY/TypoSquat-Domain-Comparison

@TiiTcHY
Copy link
Author

TiiTcHY commented Jun 20, 2023

Hi @DavidCruciani, is there any recent changes to match the requested algorithms

@DavidCruciani
Copy link
Collaborator

Hi @TiiTcHY,
We don't forget your request. We are working on a many other project but we'll soon do a new release with some changes like a new algorithm to do some combo squatting.

Hope this will not be too long for you, you can have a look on pypi-squatting to wait.

@DavidCruciani
Copy link
Collaborator

Hi @TiiTcHY,
Sorry for the long wait, but here it is !!! 928ecaa
Please give a feedback of the combo functionality. Be award that this will generate a large amount of domain, and it's recommended to combine just a few algo.

Concerning the detection of vpn page, login page... It can be a better Idea to relocate the issue in https://github.com/typosquatter/ail-typo-website and add some misp-warninglists.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@DavidCruciani @TiiTcHY