Working with openSquat Tool on Kali Linux OS
Example 1: Scan with default options
In this example, we are running the tool with default options.
python3 opensquat.py
Example 2: Scan for generic terms used in phishing campaigns (can lead to false positives)
In this example, we are searching generic terms used in phishing attacks from the generic.txt files.
python3 opensquat.py -k generic.txt
Example 3: With DNS validation (quad9)
In this example, we are using the DNS validation option for searching phishing pages.
python3 opensquat.py --dns
Example 4: Subdomain search
In this example, we are searching for subdomains that consist of phishing identity,
python3 opensquat.py --subdomains
Example 5: Check for domains with open ports 80/443
In this example, we are checking for open ports on the web page.
python3 opensquat.py --portcheck
Example 6: With Phishing validation (Phishing Database)
In this example, we are comparing the results with the Phishing Database.
python3 opensquat.py --phishing phish_results.txt
Example 7: Save output as JSON
In this example, we are saving the results or output in the JSON file format.
python3 opensquat.py -o example.json -t json
Results are saved in the JSON file format.
Example 8: Save output as CSV
In this example, we are saving the results or output in the CSV file format.
python3 opensquat.py -o example.csv -t csv
Results are saved in the CSV file format.
Example 9: Period search – registrations from the last month (default: day)
In this example, we are extracting the links which are published last month rather than getting all the stuff,
python3 opensquat.py -p month
Links which are activated last month are displayed in the below screenshot.
Example 10: Setting confidence level
In this example, we are setting the confidence level to medium.
python3 opensquat.py -c 2
Example 11: All validations options
In this example, we are using all the options in a single query.
python3 opensquat.py –phishing phishing_domains.txt –dns –ct –subdomains –portcheck
openSquat – Domain Squatting and Phishing Watchdog
openSquat is an Open-source Intelligence (OSINT) cyber-security tool to specify cybersquatting dangers to specific companies or domains, such as Phishing campaigns, Domain squatting, Typosquatting. This tool supports saving the results in the JSON and CSV file format. openSquat tool is developed in the Python language and it’s available on the Github platform. This is an open-source project so anyone can contribute to it.
Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process: Python Installation Steps on Linux