
openSquat: Open-Source Phishing Domain Detector

976 stars


When a Fake Domain Costs Millions

Imagine an attacker registers the domain g00gle-login.com, which looks nearly identical to the real one. A week later, thousands of users land on a phishing site and enter their credentials. A familiar scenario? This is exactly the kind of threat openSquat helps detect: it is a tool for finding impersonator domains.

What This "Cyber Sentinel" Can Do

openSquat is a Python utility for OSINT analysis that:

  • Automatically finds newly registered suspicious domains
  • Detects dozens of attack types, including:
    • Typosquatting (misspellings in domains)
    • IDN homograph attacks (Cyrillic characters instead of Latin)
    • Bitsquatting (domains that differ from the original by a single flipped bit)
    • Lookalike domains

The main advantage is prevention. The tool flags suspicious domains before they are put to use.

Top 5 Features for Defenders

  1. Daily database updates — automatic checking of new domains
  2. Flexible sensitivity settings — from "strict" to "all suspicious"
  3. Integration with VirusTotal and Quad9 — domain reputation checking
  4. Multiple output formats — JSON, CSV, TXT for SIEM integration
  5. IDN attack detection — when "арррle.com" (with Cyrillic "р") looks like the original

# Example run with maximum checks
python opensquat.py --phishing phish.txt --dns --ct --subdomains --portcheck

How It Works Technically

Under the hood:

  • Levenshtein algorithm for domain similarity comparison
  • Certificate Transparency Log parsing
  • API integration with external services
  • Modular architecture on Python 3.6+
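
The Levenshtein comparison listed above, combined with the IDN, bitsquatting and lookalike categories from the feature list, as an added example (this is not openSquat's own code). The look-alike tables, the classify and scan helpers and the domain feed are constructed for illustration.

```python
import re

# Constructed subset of look-alike mappings; production use needs the full Unicode confusables table.
CYRILLIC = {"\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c"}
DIGITS = {"0": "o", "1": "l", "3": "e", "5": "s"}

def levenshtein(a, b):
    """Edit distance (insert/delete/substitute) using two rows of the DP table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def one_bit_apart(a, b):
    """True when a and b differ in exactly one character, by exactly one bit."""
    diff = [(x, y) for x, y in zip(a, b) if x != y]
    return (len(a) == len(b) and len(diff) == 1
            and bin(ord(diff[0][0]) ^ ord(diff[0][1])).count("1") == 1)

def classify(domain, keyword, max_distance=1):
    """Return the first squatting category matched by any label token, else None."""
    name = domain.lower().rsplit(".", 1)[0]           # drop the TLD
    for token in re.split(r"[-.]", name):
        if token == keyword:
            continue                                   # exact brand string, not a lookalike
        folded = "".join(CYRILLIC.get(c, c) for c in token)
        if folded != token and levenshtein(folded, keyword) <= max_distance:
            return "idn-homograph"
        if one_bit_apart(token, keyword):
            return "bitsquatting"
        if "".join(DIGITS.get(c, c) for c in token) == keyword:
            return "lookalike"
        if levenshtein(token, keyword) <= max_distance:
            return "typosquatting"
    return None

# Constructed feed of newly registered domains (not real data).
FEED = ["g00gle-login.com", "goofle.com", "gooogle-support.net",
        "\u0430\u0440\u0440le.com", "example.org"]

def scan(feed, keyword):
    """Map each flagged domain in the feed to its category for one brand keyword."""
    return {d: classify(d, keyword) for d in feed if classify(d, keyword)}

if __name__ == "__main__":
    for kw in ("google", "apple"):
        print(kw, scan(FEED, kw))
```

Raising max_distance catches more variants at the cost of more false positives, which is the trade-off behind the sensitivity setting mentioned in the feature list.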


Who Can Benefit in Practice

  1. Corporate security specialists — monitoring brand impersonation
  2. Online store owners — protecting customers from phishing
  3. Hosting providers — identifying malicious accounts
  4. Government agencies — controlling impersonator domains

Verdict: Worth Trying

openSquat is a rare case where an open-source solution rivals commercial alternatives. The project is actively developed (800+ stars on GitHub), has a Telegram bot, and even a REST API.

Try it if:

  • You work in cybersecurity
  • You manage an important domain
  • You want to automate threat hunting

Installation is just a couple of commands:

git clone https://github.com/atenreiro/opensquat
cd opensquat
pip install -r requirements.txt

P.S. Project author Andre Tenreiro is open to collaboration — you can suggest improvements or new features directly in Issues on GitHub.
