View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0009017Kali LinuxNew Tool Requestspublic2024-11-26 02:352024-12-09 07:39
Reporterrangertaha Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
Summary0009017: Urlinsane - tool for detecting typosquatting and supporting OSINT investigations, designed to operate on multilingual target
Description

[Name] - urlinsane

[Version] - 0.8.2

If it uses source control (such as git), please make sure there is a release to match (e.g. git tag)

[Homepage] - https://github.com/rangertaha/urlinsane

[Download] - https://github.com/rangertaha/urlinsane/releases/download/0.8.2/urlinsane-0.8.2-linux-amd64

[Author] - Rangertaha <[email protected]>

[Licence] - GPL-3+

[Description] - Urlinsane is a tool for detecting typosquatting and supporting OSINT investigations, designed to operate on multilingual target domains.

[Dependencies] - Compiles to binary, Go

[Similar tools] - Urlcrazy, Dnstwist

[Activity] - 2018-2024

[How to install] - make build: creates the binaries for distribution

Note, using source code to acquire (e.g. git clone/svn checkout) can’t be used - Also downloading from the head. Please use a “tag” or “release” version.

[How to use] - What are some basic commands/functions to demonstrate it?

urlinsane typo google.com

urlinsnane typo -h

[Packaged] - Not packaged for Debian but hoping to. Had some dificulty with go debian packages

HELP:

NAME:
urlinsane typo - Generate domain variations and collect information on them

USAGE:
urlinsane [g opts..] typo [opts..] [domain]

DESCRIPTION:
URLInsane is designed to detect domain typosquatting by using advanced algorithms, information-gathering techniques, and data analysis to identify potentially harmful variations of targeted domains that cybercriminals might exploit. This tool is essential for defending against threats like typosquatting, brandjacking, URL hijacking, fraud, phishing, and corporate espionage. By detecting malicious domain variations, it provides an added layer of protection to brand integrity and user trust. Additionally, URLInsane enhances threat intelligence capabilities, strengthening proactive cybersecurity measures.

COMMANDS:
help, h Shows a list of commands or help for one command

OPTIONS:
--algorithms [ID], -a [ID] algorithm IDs to use [ID] (default: "all")
--collectors [ID], -c [ID] collectors IDs to use [ID] (default: "idn,ip,geo,ns,mx")
--keyboards [ID], -k [ID] keyboard layout IDs to use [ID] (default: "en1,en2,en3,en4")
--languages [ID], -l [ID] language IDs to use [ID] (default: "en")

CONSTRAINTS

--distance NUM, -d NUM minimum Levenshtein distance NUM (default: 25)
--regex [PATTERN], -e [PATTERN] regular expressions to match [PATTERN]

OUTPUT

--dir DIR directory to save scan results DIR (default: "domains")
--file FILE, -o FILE filename to save scan output FILE
--format FORMAT, -f FORMAT output format: (csv,tsv,table,list,html,md,json) FORMAT (default: "list")
--registered, -r show only registered domain names (default: false)
--unregistered, -u show only unregistered domain names (default: false)
--verbose, -v more details in the output (default: false)

PERFORMANCE

--delay NUM delay between network calls NUM (default: 1)
--random NUM random network delay multiplier NUM (default: 1)
--ttl DURATION maximim duration to cache results, 0 deletes the cache DURATION (default: 0s)
--workers NUM, -w NUM number of concurrent workers NUM (default: 50)

KEYBOARDS:
LANGUAGE ID:NAME...

ENGLISH en3: QWERTZ en4: DVORAK en2: AZERTY en1: QWERTY
FINNISH fi1: QWERTY
SPANISH es2: QWERTY es1: QWERTY
ARABIC ar2: AZERTY ar1: غفقثصض ar3: غفقثصض ar4: QWERTY
ARMENIAN hy1: QWERTY hy2: QWERTY
FRENCH fr1: ACNOR
HEBREW iw1: Hebrew
PERSIAN fa1: Farsi
RUSSIAN ru3: ЙЦУКЕН ru1: ЙЦУКЕН ru2: ЯШЕРТЫ 

  eg: urlinsane typo -k en1,en2,en3,en4 example.com

LANGUAGES:
ID NAME GLYPHS HOMOPHONES ANTONYMS TYPOS CARDINAL ORDINAL STEMS

ar Arabic       28          1        1     0       11      11     0
hy Armenian     38          1        1     1       24       0     0
fr French       27          1        1     1       11      10     0
iw Hebrew       22          2        1     5       11       0     0
fa Persian      28          1        1     1       11       0     0
ru Russian      41          1        1     1       44      10     0
en English      26        485       93  4256       10       9     0
fi Finnish      29          1        1     1       11       1     0
es Spanish      27          1        1     1       31       4     0

  eg: urlinsane typo -l ru,hy,en example.com

ALGORITHMS:
ID NAME 

co   Character Omission             
cr   Character Repetition           
hi   Hyphen Insertion               
ho   Hyphen Omission                
ons  Ordinal Numeral Substitution   
tld2 Wrong TLD2                     
cm   Common Misspellings            
cs   Character Substitution         
di   Dot Insertion                  
gi   Grapheme Insertion             
rar  Repetition Adjacent Replacement
sp   Singular Pluralise             
tld  Wrong TLD                      
com  Combo Squatting                
bf   Bit Flipping                   
gr   Grapheme Replacement           
hr   Homoglyphs Replacement         
hs   Homophone Substitution         
tld3 Wrong TLD3                     
si   Subdomain Insertion            
acs  Adjacent Character Substitution
cns  Cardinal Substitution          
dh   Dot Hyphen Substitution        
do   Dot Omission                   
vs   Vowel Swapping                 
aci  Adjacent Character Insertion   

  eg: urlinsane typo -a cs,gr,cm example.com

COLLECTORS:
ID DESCRIPTION 

web Web request and hasing hashing content
wi  Domain registration lookup            
idn Internationalized Domain Name         
bn  Capturing HTTP/SMTP banners           
mx  DNS MX Records                        
txt DNS MX Records                        
img Download screeshot of domains         
cn  DNS CNAME records                     
ip  Domain IPv4 and IPv6 addresses        
ns  DNS NS Records                        
geo Retrieves location of IP addresses    

  eg: urlinsane typo -c ip,idn example.com

OUTPUTS:
ID NAME 

md    Markdown formatted output                    
tsv   TSV (tab-separated values) formatted output  
table Pretty table output format with color        
json  Deeply nested JSON structured output         
csv   CSV (comma-separated values) formatted output
html  HTML formatted output                        
list  outputs one record per line                  

  eg: urlinsane typo -f table example.com

EXAMPLE:

urlinsane typo example.com
urlinsane typo -a co example.com
urlinsane typo -a co,oi,oy -c ip,idna,ns example.com
urlinsane typo -l fr,en -k en1,en2 example.com

AUTHOR:
Rangertaha ([email protected])

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2024-11-26 02:35 rangertaha New Issue
2024-12-09 07:39 daniruiz Summary Urlinsane is a tool for detecting typosquatting and supporting OSINT investigations, designed to operate on multilingual target => Urlinsane - tool for detecting typosquatting and supporting OSINT investigations, designed to operate on multilingual target