About Squatm3

Squatm3 is a python tool designed to enumerate available domains generated modifying the original domain name through different techniques:

• Substitution attacks
• Flipping attack
• Homoglyph attack fast (execute a fast homoglyph attack, mutating only one letter at the time )
• Homoglyph attack complete (generates all the possible combinations)

Squatm3 will help penetration testers to identify domains to be used in phishing attack simulations and security analysts to prevent effective phishing attacks

Squatm3 comes in two flavors:

• command line tool
• web solution (squatm3gator) that you can find (here)[]

Installation

git clone https://github.com/david3107/squatm3.git

Recommended Python Version:

Squatm3 currently supports only Python 3

Dependencies:

Squatm3 heavily depends on

tld
validators
decorator>=4.1.2
requests
simplejson
homoglyphs

python modules.

These dependencies can be installed using the requirements file:

• Installation on Windows:

c:\python33\python.exe -m pip install -r requirements.txt --user

• Installation on Linux and MacOS

pip install -r requirements.txt --user

Usage

 ___             __    _           ____
/ __> ___  _ _  /. | _| |_ ._ _ _ <__ /
\__ \/ . || | |/_  .| | |  | ' ' | <_ \
<___/\_  |`___|  |_|  |_|  |_|_|_|<___/
       | |


usage: squatme.py [-h] [--url URL] [--tld [TLD]] [-A [ALL]]
                  [-Hf [HOMOGLYPH_FAST]] [-Hc [HOMOGLYPH_COMPLETE]]
                  [-F [FLIPPER]] [-R [REMOVE]] [--godaddy [ENABLE_GODADDY]]
                  [--output [{text,json}]] [--only-available [AVAILABLE]]

SquatMe v1.5 - @davide107

optional arguments:
  -h, --help            show this help message and exit
  --url URL             url to be squatted
  --tld [TLD]           read the tld list form file db/top_domains and
                        generate the domains. If not specified uses only .com
  -A [ALL]              execute all the squatting attacks
  -Hf [HOMOGLYPH_FAST]  execute a fast homoglyph attack, mutating only one
                        letter at the time
  -Hc [HOMOGLYPH_COMPLETE]
                        execute a complete homoglyph attack,generating all the
                        possible combinations (slow)
  -F [FLIPPER]          execute flipping attack
  -R [REMOVE]           remove one letter a time
  --godaddy [ENABLE_GODADDY]
                        checks on godaddy if the domain is available for sale
                        together with the price
  --output [{text,json}]
                        Output of the tool: text (stdout), csv(file) or
                        json(file)
  --only-available [AVAILABLE]
                        lists only the available domains for purchase

License

Squatm3 is licensed under the GNU GPL license.

Version

Current version is 1.5