urlcrazy包装说明
生成和测试领域的错别字和变化来检测并执行错字蹲,网址拦截,网络钓鱼和企业间谍活动。 特征
- 生成15种域变种
- 知道8000常见的拼写错误
- 支持宇宙射线引起的位翻转
- 多种键盘布局(QWERTY,AZERTY,QWERTZ,德沃夏克)
- 如果域变体是有效的检查
- 如果测试域变体使用
- 估计域变体的流行度 资料来源:http://www.morningstarsecurity.com/research/urlcrazy
- 作者:安德鲁·霍顿
- 许可:非商业
0x01 包含在urlcrazy包工具
urlcrazy - 域名错字发电机:~# urlcrazy -h URLCrazy version 0.5 by Andrew Horton (urbanadventurer) http://www.morningstarsecurity.com/research/urlcrazy Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. Supports the following domain variations: Character omission, character repeat, adjacent character swap, adjacent character replacement, double character replacement, adjacent character insertion, missing dot, strip dashes, singular or pluralise, common misspellings, vowel swaps, homophones, bit flipping (cosmic rays), homoglyphs, wrong top level domain, and wrong second level domain. Usage: /usr/bin/urlcrazy [options] domain Options -k, --keyboard=LAYOUT Options are: qwerty, azerty, qwertz, dvorak (default: qwerty) -p, --popularity Check domain popularity with Google -r, --no-resolve Do not resolve DNS -i, --show-invalid Show invalid domain names -f, --format=TYPE Human readable or CSV (default: human readable) -o, --output=FILE Output file -h, --help This help -v, --version Print version information. This version is 0.50x02 urlcrazy用法示例
搜索使用Dvorak布局的网址 (-k德沃夏克),并 没有做解析主机名 (-r) 对于给定域 (example.com):
:~# urlcrazy -k dvorak -r example.com
URLCrazy Domain Report
Domain : example.com
Keyboard : dvorak
At : 2014-05-13 17:04:01 -0600
# Please wait. 95 hostnames to process
Typo Type Typo CC-A Extn
---------------------------------------------------
Character Omission eample.com ? com
Character Omission examle.com ? com
Character Omission exampe.com ? com
Character Omission exampl.com ? com
Character Omission example.cm ? cm
Character Omission exaple.com ? com
原文来自https://www.hackfun.org/kali-tools/urlcrazy_zh.html。转载请注明原出处,商用请联系原作者授权。