Skip to content

Latest commit

 

History

History
164 lines (121 loc) · 5.45 KB

README.md

File metadata and controls

164 lines (121 loc) · 5.45 KB
Raw

Icon

baby-gopher GitHub release GitHub All Releases

DNSMORPH is a domain name permutation engine, inspired by dnstwist. It is written in Go making for a compact and very fast tool. It robustly handles any domain or subdomain supplied and provides a number of configuration options to tune permutation runs.

demo

DNSMORPH includes the following domain permutation attack types:

  • Homograph attack (both on single and duplicate characters)
  • Bitsquat attack
  • Hyphenation attack
  • Omission attack
  • Repetition attack
  • Replacement attack
  • Subdomain attack
  • Transposition attack
  • Vowel swap attack
  • Addition attack
  • Doppelganger attack

Installation

There are two ways to install dnsmorph on your system:

  1. Downloading the pre-compiled binaries for your platform from the latest release page and extracting in a directory of your choosing.

  2. Downloading and compiling the source code yourself by running the following commands:

    • go get -v github.com/netevert/dnsmorph
    • cd /$GOPATH/src/github.com/netevert/dnsmorph
    • go get -v ./...
    • go build

An Arch Linux package is also available.

Usage

Usage menu output 

dnsmorph -d domain | -l domains_file [-girvuw] [-csv | -json]
  -csv
        output to csv
  -d string
        target domain
  -g    geolocate domain
  -i    include subdomain
  -json
        output to json
  -l string
        domain list filepath
  -n    idna format homograph domain
  -r    resolve domain
  -u    update check
  -v    enable verbosity
  -w    whois lookup

Run attacks against a target domain 

./dnsmorph -d amazon.com

demo

Run attacks against a list of domains 

./dnsmorph -l domains.txt

demo

Include subdomain in attack 

./dnsmorph -d staging.amazon.com -i

demo

Run dns resolutions against permutated domains 

./dnsmorph -d amazon.com -r

demo

Run geolocation against permutated domains 

./dnsmorph -d amazon.com -g

demo

Run whois lookup against permutated domains 

./dnsmorph -d amazon.com -w

demo

Output results to csv or json 

./dnsmorph -d amazon.com -r -g -csv
./dnsmorph -d amazon.com -r -g -json

demo

Activate verbose output 

./dnsmorph -d staging.amazon.com -v

demo

License

Distributed under the terms of the MIT license, DNSMORPH is free and open source software written and maintained with ❤ by NetEvert.

This tool includes GeoLite2 data created by MaxMind, available from maxmind.com.

Versioning

This project adheres to Semantic Versioning.

Like it?

If you like the tool please consider contributing.

The tool received a few "honourable" mentions, including: