Day: September 23, 2020

Cyborg Labs

Cyborg Sidetracks | Deep Dive into DNSTwist

DNSTwist is an open source tool that generates a list of potential domain names related to an input domain. It does this through mutation, transposition, homoglyph and substition among other techniques commonly employed by attackers. Once the list of domains are generated it performs DNS lookups to determine if it is an active domain and can look up Mail Exchange (MX) records as well to determine if it may be capable of sending and receiving email. This enables threat hunters and analysts to obtain a list of visually similar and other similar domains that could be utilized in phishing attacks. The most useful function of DNSTwist in an organization would be for proactive research of brand protection, by regularly searching for imitation domains being used for phishing or fraud.

Read More »