Skip to content
/ IntelRetriever Public

This is a python script that uses DNStwist and HIBP to find possible malicious domain names trying to emulate the original domain. It also looks for any emails associated with the domain and checks them with the HIBP database.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

mrchuzie/IntelRetriever

BranchesTags

Repository files navigation

IntelRetriever

This is a python script that uses DNStwist and HIBP to find possible malicious domain names trying to emulate the original domain. It also looks for any emails associated with the domain and checks them with the HIBP database.

Need to be using python 2.7

THe following need to be installed:

  • pip install dnstwist
  • pip install requests
  • pip install pyhunter
  • pip install os-sys
  • pip install dnspython
  • pip install DNSPython
  • pip install ssdeep**
  • pip install Requests

GeoIP>=1.3.2 dnspython>=1.14.0 requests>=2.20.0 #ssdeep>=3.1 ppdeep>=20200505 whois>=0.7 tld>=0.9.1

Debian/Ubuntu/Kali Linux

If running Debian-based distribution, you can install all external libraries with just single command for DNSTwist:

$ sudo apt install python3-dnspython python3-tld python3-geoip python3-whois \
python3-requests python3-ssdeep

About

This is a python script that uses DNStwist and HIBP to find possible malicious domain names trying to emulate the original domain. It also looks for any emails associated with the domain and checks them with the HIBP database.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages