[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#948237: ITP: dnstwist -- domain name permutation engine


On January 5, 2020 7:22:08 PM UTC, Peter Wienemann <fossdev@posteo.de> wrote:
>Package: wnpp
>Severity: wishlist
>Owner: Peter Wienemann <fossdev@posteo.de>
>
>  Package name    : dnstwist
>  Version         : 20190706
>  Upstream Author : Marcin Ulikowski <marcin@ulikowski.pl>
>  URL             : https://github.com/elceef/dnstwist
>  License         : Apache-2.0
>  Programming Lang: Python
>  Description     : Domain name permutation engine
>
>For a given domain name, dnstwist generates a list of similarly
>looking domains and performs DNS queries for each of them (A, AAAA,
>NS and MX). For MX records it checks whether there is an active mail
>server which could intercept misdirected emails. Moreover it
>estimates webpage similarity based on fuzzy hashes. This functionality
>might be helpful in discovering typosquatters, phishing sites or
>otherwise fraudulent services and corporate espionage.
>
>This package will be team-maintained by the Debian Security Tools
>Team.

Upstream contains an embedded copy of the Public Suffix List (PSL):

https://github.com/elceef/dnstwist/blob/master/database/effective_tld_names.dat

In Debian, this is provided in the publicsuffix package:

https://salsa.debian.org/debian/publicsuffix/blob/debian/master/public_suffix_list.dat

Although renamed, it's the same file.  Please use the PSL from publicsuffix rather than the embedded copy.  It'll be more up to date.

Scott K
Reply to: