# EvilURL Checker
```bash
evilurl git:(main) ✗ evilurl github.com
██████████ █████ █████ █████ █████ █████ █████ ███████████ █████
░░███░░░░░█░░███ ░░███ ░░███ ░░███ ░░███ ░░███ ░░███░░░░░███ ░░███
░███ █ ░ ░███ ░███ ░███ ░███ ░███ ░███ ░███ ░███ ░███
░██████ ░███ ░███ ░███ ░███ ░███ ░███ ░██████████ ░███
░███░░█ ░░███ ███ ░███ ░███ ░███ ░███ ░███░░░░░███ ░███
░███ ░ █ ░░░█████░ ░███ ░███ █ ░███ ░███ ░███ ░███ ░███ █
██████████ ░░███ █████ ███████████ ░░████████ █████ █████ ███████████
░░░░░░░░░░ ░░░ ░░░░░ ░░░░░░░░░░░ ░░░░░░░░ ░░░░░ ░░░░░ ░░░░░░░░░░░
[ by @glaubermagal ]
[*] Domain: github.com
[*] Homograph characters used: ['ɡ', 'ս']
1 -------------------------------
homograph domain: githսb.com
punycode: xn--githb-bjg.com
DNS: UNSET
2 -------------------------------
homograph domain: ɡithub.com
punycode: xn--ithub-qmc.com
DNS: 107.180.21.235
3 -------------------------------
homograph domain: ɡithսb.com
punycode: xn--ithb-z7b398b.com
DNS: UNSET
```
## Overview
The Homograph URL Checker is a Python tool designed to analyze and identify potential Internationalized Domain Name (IDN) homograph attacks. Homograph attacks involve the use of characters that visually resemble each other but have different Unicode representations. This tool checks for variations of Latin characters that may be exploited for phishing or malicious purposes.
## Motivation
The primary motivation behind this project is to raise awareness about the potential security risks associated with IDN homograph attacks. By identifying visually similar characters, the tool aims to help users and security professionals study and understand the vulnerabilities in domain names, promoting better protection against phishing attempts and other cyber threats.
## Installation
```bash
pip install evilurl
```
## Dependencies for Local Installation
- Python 3
Create a virtualenv
```bash
python -m venv venv
source venv/bin/activate
```
Install the required library using:
```bash
pip install -r requirements.txt
```
## Usage
### Single Domain Analysis
To check a single domain, run the tool with the following command:
```bash
evilurl <domain>
```
### Batch Analysis from File
To analyze multiple domains from a file, use the following command:
```bash
evilurl -f <file_path>
```
## Unicode Combinations
The tool considers various Unicode combinations for visually similar characters, including Cyrillic, Greek, and Armenian characters. The combinations are defined in the tool to assist in the identification of potential homograph attacks.
## Disclaimer
This tool is intended for educational and research purposes only. The author is not responsible for any misuse of this tool.
## How It Works
1. The tool extracts the domain parts from the provided URL.
2. It generates combinations of visually similar characters for each Latin character in the domain.
3. For each combination, it constructs a new domain and checks its registration status and DNS information.
4. The tool then displays the homograph domains, their punycode representation, and DNS status.
## Example Usage
### Single Domain Analysis
```bash
evilurl example.com
```
### Batch Analysis from File
```bash
evilurl -f domains.txt
```
### Return only the homograph domains
```bash
evilurl example.com -d
```
## License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
Raw data
{
"_id": null,
"home_page": "https://github.com/glaubermagal/evilurl",
"name": "evilurl",
"maintainer": "",
"docs_url": null,
"requires_python": "",
"maintainer_email": "",
"keywords": "",
"author": "Glauber",
"author_email": "apt65@proton.me",
"download_url": "https://files.pythonhosted.org/packages/07/38/4640da19e646a85379a23d5f4543caf051dd01b18e8f77842f3ed03fb268/evilurl-0.0.18.tar.gz",
"platform": null,
"description": "# EvilURL Checker\n\n```bash\nevilurl git:(main) \u2717 evilurl github.com\n\n \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588 \u2588\u2588\u2588\u2588\u2588 \u2588\u2588\u2588\u2588\u2588 \u2588\u2588\u2588\u2588\u2588 \u2588\u2588\u2588\u2588\u2588 \u2588\u2588\u2588\u2588\u2588 \u2588\u2588\u2588\u2588\u2588 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588 \u2588\u2588\u2588\u2588\u2588\n\u2591\u2591\u2588\u2588\u2588\u2591\u2591\u2591\u2591\u2591\u2588\u2591\u2591\u2588\u2588\u2588 \u2591\u2591\u2588\u2588\u2588 \u2591\u2591\u2588\u2588\u2588 \u2591\u2591\u2588\u2588\u2588 \u2591\u2591\u2588\u2588\u2588 \u2591\u2591\u2588\u2588\u2588 \u2591\u2591\u2588\u2588\u2588\u2591\u2591\u2591\u2591\u2591\u2588\u2588\u2588 \u2591\u2591\u2588\u2588\u2588\n \u2591\u2588\u2588\u2588 \u2588 \u2591 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588\n \u2591\u2588\u2588\u2588\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588 \u2591\u2588\u2588\u2588\n \u2591\u2588\u2588\u2588\u2591\u2591\u2588 \u2591\u2591\u2588\u2588\u2588 \u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588\u2591\u2591\u2591\u2591\u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588\n \u2591\u2588\u2588\u2588 \u2591 \u2588 \u2591\u2591\u2591\u2588\u2588\u2588\u2588\u2588\u2591 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2591\u2588\u2588\u2588 \u2588\n \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588 \u2591\u2591\u2588\u2588\u2588 \u2588\u2588\u2588\u2588\u2588 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588 \u2591\u2591\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588 \u2588\u2588\u2588\u2588\u2588 \u2588\u2588\u2588\u2588\u2588 \u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\u2588\n\u2591\u2591\u2591\u2591\u2591\u2591\u2591\u2591\u2591\u2591 \u2591\u2591\u2591 \u2591\u2591\u2591\u2591\u2591 \u2591\u2591\u2591\u2591\u2591\u2591\u2591\u2591\u2591\u2591\u2591 \u2591\u2591\u2591\u2591\u2591\u2591\u2591\u2591 \u2591\u2591\u2591\u2591\u2591 \u2591\u2591\u2591\u2591\u2591 \u2591\u2591\u2591\u2591\u2591\u2591\u2591\u2591\u2591\u2591\u2591\n\n[ by @glaubermagal ]\n\n[*] Domain: github.com\n[*] Homograph characters used: ['\u0261', '\u057d']\n\n1 -------------------------------\nhomograph domain: gith\u057db.com\npunycode: xn--githb-bjg.com\nDNS: UNSET\n\n2 -------------------------------\nhomograph domain: \u0261ithub.com\npunycode: xn--ithub-qmc.com\nDNS: 107.180.21.235\n\n3 -------------------------------\nhomograph domain: \u0261ith\u057db.com\npunycode: xn--ithb-z7b398b.com\nDNS: UNSET\n```\n\n## Overview\n\nThe Homograph URL Checker is a Python tool designed to analyze and identify potential Internationalized Domain Name (IDN) homograph attacks. Homograph attacks involve the use of characters that visually resemble each other but have different Unicode representations. This tool checks for variations of Latin characters that may be exploited for phishing or malicious purposes.\n\n## Motivation\n\nThe primary motivation behind this project is to raise awareness about the potential security risks associated with IDN homograph attacks. By identifying visually similar characters, the tool aims to help users and security professionals study and understand the vulnerabilities in domain names, promoting better protection against phishing attempts and other cyber threats.\n\n## Installation\n\n```bash\npip install evilurl\n```\n\n## Dependencies for Local Installation\n- Python 3\n\nCreate a virtualenv\n\n```bash\npython -m venv venv\nsource venv/bin/activate\n```\n\nInstall the required library using:\n\n```bash\npip install -r requirements.txt\n```\n\n## Usage\n\n### Single Domain Analysis\nTo check a single domain, run the tool with the following command:\n\n```bash\nevilurl <domain>\n```\n\n### Batch Analysis from File\nTo analyze multiple domains from a file, use the following command:\n\n```bash\nevilurl -f <file_path>\n```\n\n## Unicode Combinations\n\nThe tool considers various Unicode combinations for visually similar characters, including Cyrillic, Greek, and Armenian characters. The combinations are defined in the tool to assist in the identification of potential homograph attacks.\n\n## Disclaimer\n\nThis tool is intended for educational and research purposes only. The author is not responsible for any misuse of this tool.\n\n## How It Works\n\n1. The tool extracts the domain parts from the provided URL.\n2. It generates combinations of visually similar characters for each Latin character in the domain.\n3. For each combination, it constructs a new domain and checks its registration status and DNS information.\n4. The tool then displays the homograph domains, their punycode representation, and DNS status.\n\n## Example Usage\n\n### Single Domain Analysis\n```bash\nevilurl example.com\n```\n\n### Batch Analysis from File\n```bash\nevilurl -f domains.txt\n```\n\n### Return only the homograph domains\n```bash\nevilurl example.com -d\n```\n\n## License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\n",
"bugtrack_url": null,
"license": "",
"summary": "A tool for analyzing domains for the risk of IDN homograph attacks",
"version": "0.0.18",
"project_urls": {
"Homepage": "https://github.com/glaubermagal/evilurl"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "07384640da19e646a85379a23d5f4543caf051dd01b18e8f77842f3ed03fb268",
"md5": "95007f9257a4c416b7e5953f7259db56",
"sha256": "a2cf28cf2adad45ee41e8c4cc98afae4ad9fa53b90ee7cc346def896f4264b9f"
},
"downloads": -1,
"filename": "evilurl-0.0.18.tar.gz",
"has_sig": false,
"md5_digest": "95007f9257a4c416b7e5953f7259db56",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 7280,
"upload_time": "2024-01-16T01:35:49",
"upload_time_iso_8601": "2024-01-16T01:35:49.408747Z",
"url": "https://files.pythonhosted.org/packages/07/38/4640da19e646a85379a23d5f4543caf051dd01b18e8f77842f3ed03fb268/evilurl-0.0.18.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-01-16 01:35:49",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "glaubermagal",
"github_project": "evilurl",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [
{
"name": "certifi",
"specs": [
[
"==",
"2023.11.17"
]
]
},
{
"name": "charset-normalizer",
"specs": [
[
"==",
"3.3.2"
]
]
},
{
"name": "docutils",
"specs": [
[
"==",
"0.20.1"
]
]
},
{
"name": "future",
"specs": [
[
"==",
"0.18.3"
]
]
},
{
"name": "importlib-metadata",
"specs": [
[
"==",
"7.0.1"
]
]
},
{
"name": "jaraco.classes",
"specs": [
[
"==",
"3.3.0"
]
]
},
{
"name": "keyring",
"specs": [
[
"==",
"24.3.0"
]
]
},
{
"name": "markdown-it-py",
"specs": [
[
"==",
"3.0.0"
]
]
},
{
"name": "mdurl",
"specs": [
[
"==",
"0.1.2"
]
]
},
{
"name": "more-itertools",
"specs": [
[
"==",
"10.2.0"
]
]
},
{
"name": "nh3",
"specs": [
[
"==",
"0.2.15"
]
]
},
{
"name": "pkginfo",
"specs": [
[
"==",
"1.9.6"
]
]
},
{
"name": "Pygments",
"specs": [
[
"==",
"2.17.2"
]
]
},
{
"name": "python-whois",
"specs": [
[
"==",
"0.8.0"
]
]
},
{
"name": "readme-renderer",
"specs": [
[
"==",
"42.0"
]
]
},
{
"name": "requests",
"specs": [
[
"==",
"2.31.0"
]
]
},
{
"name": "requests-toolbelt",
"specs": [
[
"==",
"1.0.0"
]
]
},
{
"name": "rfc3986",
"specs": [
[
"==",
"2.0.0"
]
]
},
{
"name": "rich",
"specs": [
[
"==",
"13.7.0"
]
]
},
{
"name": "twine",
"specs": [
[
"==",
"4.0.2"
]
]
},
{
"name": "urllib3",
"specs": [
[
"==",
"2.1.0"
]
]
},
{
"name": "zipp",
"specs": [
[
"==",
"3.17.0"
]
]
}
],
"lcname": "evilurl"
}
JSON
