Giter VIP home page Giter VIP logo

typogenerator's Introduction

Typogenerator: a typosquatting generator in Golang

A Golang typosquat generator utilizing various strategies to generate potential variants of a string. Some strategies are similar to those utilized by dnstwist. This library is not intended to be a complete port of dnstwist and may include additional strategies.

Usage

See files under cmd/ for example usage.

Fuzz

all := []strategy.Strategy{
	strategy.Omission,
	strategy.Repetition,
}

results, err := typogenerator.Fuzz("zenithar", all...)
if err != nil {
	fmt.Println(err)
}

for _, r := range results {
	for _, p := range r.Permutations {
		fmt.Println(p)
	}
}

// enithar
// znithar
// zeithar
// zenthar
// ...

FuzzDomain

all := []strategy.Strategy{
	strategy.Omission,
	strategy.Repetition,
}

results, err := typogenerator.FuzzDomain("example.com", all...)
if err != nil {
	fmt.Println(err)
}

for _, r := range results {
	for _, p := range r.Permutations {
		fmt.Println(p)
	}
}

// xample.com
// eample.com
// exmple.com
// exaple.com
// ...

Fuzzing Algorithms (strategies)

  1. Addition - Addition of a single character to the end of a string
  2. BitSquatting - Generates a string with one bit difference from the input
  3. DoubleHit - Addition of a single character that is adjacent to each character (double hitting of a key)
  4. Homoglyph - Substituiton of a single character with another that looks similar
  5. Hyphenation - Addition of a hypen - between the first and last character in a string
  6. Omission - Removal of a single character in a string
  7. Prefix - Addition of predefined prefixes to the start of a string
  8. Repetition - Repetition of characters in a string (pressing a key twice)
  9. Replace - Replacement of a single character that is adjacent to each character (pressing wrong key)
  10. Similar - Replacement of a single character that looks the same. This is a subset of Homoglyph but is language specific.
  11. SubDomain - Addition of a period . between the first and last character in a string
  12. Transposition - Swapping of adjacent characters in a string
  13. VowelSwap - Swapping of vowels in string with all other vowels
  14. TLDReplace - Replaces the TLD with a list of commonly used TLDs. Only works with FuzzDomain.
  15. TLDRepeat - Repeats the TLD after the domain name. Only works with FuzzDomain.

Languages

The following strategies are language dependent:

  1. DoubleHit
  2. Replace
  3. Similar

Supported languages include:

  1. English
  2. French
  3. German
  4. Spanish

typogenerator's People

Contributors

anvius avatar dependabot[bot] avatar saurori avatar zenithar avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar

Forkers

ppools securityscorecard huadaonan dolanor-galaxy cholter emperorearth ddsgok anasbensalah sasqwatch issif cybagard michenriksen sublimino shahriar-sazid anvius markuskont

typogenerator's Issues

Intended inputs and use cases (string vs domain)

I am in the process of writing a README and was comparing strategies to dnstwist which I assume is the primary inspiration for this library.

One main difference is that dnstwist takes an input of a full domain whereas this library expects a domain string without a TLD (which I assume given the intention/description in the current README). Given the current set of strategies, this does not pose any problems. However, this does create potential limitations for additional strategies based around TLDs as the library does not expect to know the TLD. For example, a strategy of "wrong tld" would not be possible (example.com -> example.io etc).

What are your thoughts on adding in domain parsing? The library could either expect a domain (and return error if not) or parse domains and leave strings as is but some strategies may only operate on parsed domains.

Italian keyword and small refactor for es.go

Hello,

I have created an Italian keyboard mapping following the same format as the other languages provided.

For the Spanish language mapping, I have also included all vowels with accents.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.