openSquat – Domain Squatting and Phishing Watchdog

openSquat is an Open-source Intelligence (OSINT) cyber-security tool to specify cybersquatting dangers to specific companies or domains, such as Phishing campaigns, Domain squatting, Typosquatting. This tool supports saving the results in the JSON and CSV file format. openSquat tool is developed in the Python language and it’s available on the Github platform. This is an open-source project so anyone can contribute to it.

Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process: Python Installation Steps on Linux

Installation of openSquat  Tool on Kali Linux OS

Step 1: In this step, we will get the openSquat tool repository from GitHub,

git clone https://github.com/atenreiro/opensquat.git

Step 2: Use the below cd command to navigate to the openSquat tool directory.

cd opensquat

Step 3: Execute the below command to download all the Python dependencies which are associated with the tool.

sudo pip3 install -r requirements.txt

Step 4: All the dependencies have been installed in your Kali Linux operating system. Now use the following command to run the tool and check the help section.

python3 opensquat.py  --help/-h

Working with openSquat  Tool on Kali Linux OS

Example 1: Scan with default options

In this example, we are running the tool with default options.

python3 opensquat.py

Example 2: Scan for generic terms used in phishing campaigns (can lead to false positives)

In this example, we are searching generic terms used in phishing attacks from the generic.txt files.

python3 opensquat.py -k generic.txt

Example 3: With DNS validation (quad9)

In this example, we are using the DNS validation option for searching phishing pages.

python3 opensquat.py --dns

Example 4: Subdomain search

In this example, we are searching for subdomains that consist of phishing identity,

python3 opensquat.py --subdomains   

Example 5: Check for domains with open ports 80/443

In this example, we are checking for open ports on the web page.

python3 opensquat.py --portcheck

Example 6: With Phishing validation (Phishing Database)

In this example, we are comparing the results with the Phishing Database.

python3 opensquat.py --phishing phish_results.txt

Example 7: Save output as JSON

In this example, we are saving the results or output in the JSON file format.

python3 opensquat.py -o example.json -t json

Results are saved in the JSON file format.

Example 8: Save output as CSV

In this example, we are saving the results or output in the CSV file format.

python3 opensquat.py -o example.csv -t csv

Results are saved in the CSV file format.

Example 9: Period search – registrations from the last month (default: day)

In this example, we are extracting the links which are published last month rather than getting all the stuff,

python3 opensquat.py -p month

Links which are activated last month are displayed in the below screenshot.

Example 10: Setting confidence level

In this example, we are setting the confidence level to medium.

python3 opensquat.py -c 2

Example 11: All validations options

In this example, we are using all the options in a single query.

python3 opensquat.py –phishing phishing_domains.txt –dns –ct –subdomains –portcheck