dnstwist
See what sort of trouble users can get in trying to type your domain name. Find lookalike domains that adversaries can use to attack you. Can detect typosquatters, phishing attacks, fraud, and brand impersonation. Useful as an additional source of targeted threat intelligence.
Details
Category: OSINT
Publisher: trickest
Created Date: 6/23/2021
Container: quay.io/trickest/dnstwist:6b89df1
Source URL: https://github.com/elceef/dnstwist
Parameters
domain
string
requiredCommand:
- Domain name or URL to scanmx-check
boolean
Command:
-m
- Check if MX can be used to intercept emailsuser-agent
string
Command:
--useragent
- User-Agent STRING to send with HTTP requestsgeoip-lookup
boolean
Command:
-g
- Lookup for GeoIP locationoverride-url
string
Command:
--ssdeep-url
- Override URL to fetch the original web page fromdictionary-file
file
requiredCommand:
-d
- Generate more domains using dictionarylookup-whois-db
boolean
Command:
-w
- Lookup WHOIS database for creation datenumber-of-threads
string
Command:
-t
- Number of urlscompare-fuzzy-hashes
boolean
Command:
-s
- Fetch web pages and compare their fuzzy hashes to evaluate similaritydns-servers-to-query
string
Command:
--nameservers
- DNS servers to query (separated with commas)show-all-dns-records
boolean
Command:
-a
- Show all DNS recordshttp-smtp-service-banners
boolean
Command:
-b
- Determine HTTP and SMTP service bannersshow-only-registered-domains
boolean
Command:
-r
- Show only registered domain namesgenerate-domains-by-swapping-tld
file
Command:
--tld
- Generate more domains by swapping TLD from FILE