What is DNSTwist?

DNStwist is a tools where it will generate a list of any possible phishing domains and verify whether the phishing domain have been registered.  

Main Function of DNStwist

Below are the features of the DNStwist tools that

  • A wide range of efficient domain fuzzing algorithms
  • Unicode domain names (IDN)
  • Multithreaded job distribution
  • Queries A, AAAA, NS and MX records
  • Evaluates web page similarity with fuzzy hashes to find live phishing sites
  • Tests if MX host (mail server) can be used to intercept misdirected e-mails
  • Additional domain variants using dictionary files
  • GeoIP location information
  • Grabs HTTP and SMTP service banners
  • WHOIS lookups for creation and modification date
  • Output in CSV and JSON format

Installation and Usage

For those who want to use the tools, you need to install it by typing apt-get install dnstwist

Installation of the DNStwist (apt-get install dnstwist)

When the installation is completed, you can run the tools by typing dnstwist .py <example website>

The picture above is an example on how the dnstwist result will look like

Source: Github Dnstwist

Author: Wan Ariff

He brings with him working experience in Information Security filed which specializing in Penetration Testing and Digital Forensic. His passion is more to IT Security

Leave a Reply

Your email address will not be published. Required fields are marked *