Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/basecamp/homographic_spoofing
Toolkit to both detect and sanitize homographic spoofing attacks in URLs and Email addresses
- Host: GitHub
- URL: https://github.com/basecamp/homographic_spoofing
- Owner: basecamp
- License: mit
- Created: 2023-02-20T16:16:59.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-06-24T08:11:34.000Z (4 months ago)
- Last Synced: 2024-07-30T12:28:16.979Z (3 months ago)
- Topics: homograph-attack
- Language: Ruby
- Homepage:
- Size: 265 KB
- Stars: 90
- Watchers: 7
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: MIT-LICENSE
README
# HomographicSpoofing
Toolkit to both detect and sanitize [homographic spoofing attacks](https://en.wikipedia.org/wiki/IDN_homograph_attack) in URLs and Email addresses.
## Installation
Add this line to your application's Gemfile:
```ruby
gem "homographic_spoofing"
```
And then execute:
```bash
$ bundle
```
Or install it yourself as:
```bash
$ gem install homographic_spoofing
```
## Configuration
If `HomographicSpoofing.logger` is set to a Logger instance, the gem will log all the violations found. If you're using Rails,
it is automatically configured to use `Rails.logger`, otherwise you can set it manually:
```ruby
HomographicSpoofing.logger = Logger.new("log/homographic_spoofing.log")
```
## Usage
### IDN
[What is an IDN](https://en.wikipedia.org/wiki/Internationalized_domain_name)
**Check if an IDN is a homographic spoof**
```ruby
HomographicSpoofing.idn_spoof?("www.basecаmp.com")
# => true, uses cyrillic 'а' instead of latin 'a'
HomographicSpoofing.idn_spoof?("www.basecamp.com")
# => false
```
**Sanitize an IDN**
The library can also sanitize an IDN by converting all confusable characters to their punycode representation.
```ruby
HomographicSpoofing.sanitize_idn("www.basecаmp.com")
# => "www.xn--basecmp-6fg.com"
HomographicSpoofing.sanitize_idn("www.basecamp.com")
# => "www.basecamp.com"
```
### Email addresses
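The domain-part of an email address is subject to the same IDN checks as a URL host, so one example serves both the IDN helpers above and the domain-part described below. What follows is an added example and not the gem's own code: a deliberately simplified mixed-script heuristic (it only flags a label that mixes Latin letters with Cyrillic or Greek ones; the gem's Chromium-derived checks cover many more confusable cases) combined with an RFC 3492 Punycode encoder, which together reproduce the `idn_spoof?` / `sanitize_idn` results shown above for the constructed host `www.basecаmp.com`. The function names mirror the gem's API but are local definitions here, and the `SCRIPTS` table is an assumption of this example.

```ruby
# Added example, not the homographic_spoofing gem's code. A toy mixed-script
# check plus RFC 3492 Punycode encoding: enough to show why a Cyrillic "a"
# inside a Latin label is flagged and how it becomes visible as "xn--...".

BASE, TMIN, TMAX, SKEW, DAMP = 36, 1, 26, 38, 700
INITIAL_BIAS, INITIAL_N = 72, 128

# Scripts this simplified check recognises (assumption of the example; the
# real gem uses a much richer confusable table). A label drawn from a single
# script, or from none (digits only), is treated as unmixed.
SCRIPTS = { latin: /\p{Latin}/, cyrillic: /\p{Cyrillic}/, greek: /\p{Greek}/ }.freeze

# "basec\u0430mp" pairs Latin letters with a Cyrillic "a" (U+0430) that renders
# identically to U+0061: two scripts in one label is the signal we look for.
def mixed_script?(label)
  SCRIPTS.values.count { |script| label.match?(script) } > 1
end

# A host is suspicious if any of its labels mixes scripts.
def idn_spoof?(host)
  host.split(".").any? { |label| mixed_script?(label) }
end

# Bias adaptation, RFC 3492 section 6.1.
def adapt(delta, numpoints, firsttime)
  delta = firsttime ? delta / DAMP : delta / 2
  delta += delta / numpoints
  k = 0
  while delta > ((BASE - TMIN) * TMAX) / 2
    delta /= BASE - TMIN
    k += BASE
  end
  k + (BASE - TMIN + 1) * delta / (delta + SKEW)
end

# Digit values 0..25 map to a-z, 26..35 to 0-9.
def encode_digit(d)
  d < 26 ? (d + 97).chr : (d - 26 + 48).chr
end

# Punycode-encode one label (RFC 3492 section 6.3), without the "xn--" prefix.
def punycode_encode(label)
  cps = label.codepoints
  output = cps.select { |c| c < INITIAL_N }.map(&:chr) # basic code points copied as-is
  basic = handled = output.size
  output << "-" if basic > 0
  n = INITIAL_N
  delta = 0
  bias = INITIAL_BIAS
  while handled < cps.size
    m = cps.select { |c| c >= n }.min              # next code point to insert
    delta += (m - n) * (handled + 1)
    n = m
    cps.each do |c|
      delta += 1 if c < n
      next unless c == n
      q = delta                                   # emit delta as variable-length digits
      k = BASE
      loop do
        t = k <= bias ? TMIN : (k >= bias + TMAX ? TMAX : k - bias)
        break if q < t
        output << encode_digit(t + (q - t) % (BASE - t))
        q = (q - t) / (BASE - t)
        k += BASE
      end
      output << encode_digit(q)
      bias = adapt(delta, handled + 1, handled == basic)
      delta = 0
      handled += 1
    end
    delta += 1
    n += 1
  end
  output.join
end

# Rewrite only the suspicious labels to their ACE ("xn--") form so the
# confusable characters become plain ASCII; clean hosts pass through unchanged.
def sanitize_idn(host)
  host.split(".").map { |l| mixed_script?(l) ? "xn--#{punycode_encode(l)}" : l }.join(".")
end

if $PROGRAM_NAME == __FILE__
  puts idn_spoof?("www.basec\u0430mp.com")   # true
  puts sanitize_idn("www.basec\u0430mp.com") # www.xn--basecmp-6fg.com
  puts sanitize_idn("www.basecamp.com")      # www.basecamp.com
end
```

Note the limits of the heuristic: a label written entirely in Cyrillic is not mixed and is therefore left alone, and pairs of confusables within a single script are not detected at all, which is exactly the gap the gem's fuller checks exist to close.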
An email address is formed from three main parts:
"Jacopo Beschi" <>
- The domain-part is "basecamp.com"
- The local-part is "jacopo.beschi"
- The quoted-string-part is "Jacopo Beschi"
**Check if an email_address is a homographic spoof**
```ruby
HomographicSpoofing.email_address_spoof?(%{"Jacopo Beschi" })
# => true, uses cyrillic 'а' instead of latin 'a'
```
**Sanitize an email_address**
```ruby
HomographicSpoofing.sanitize_email_address(%{"Jacopo Beschi" })
# => "\"Jacopo Beschi\" "
```
**Check if an email_address local-part is a homographic spoof**
```ruby
HomographicSpoofing.email_local_spoof?("jacopo.beschi")
# => false
```
**Check if an email_address quoted-string-part is a homographic spoof**
```ruby
HomographicSpoofing.email_name_spoof?("Jacopo Beschi")
# => false
```
**Sanitize an email_address quoted-string-part**
```ruby
HomographicSpoofing.sanitize_email_name("Jacopo Beschi")
# => "Jacopo Beschi"
```
## Development
To experiment, start the console with `bin/console`.
Run the test via `bin/test`.
## Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/basecamp/homographic_spoofing.
## License
The IDN spoof detection algorithms are inspired by Chromium's [spoof_check](https://source.chromium.org/chromium/chromium/src/+/main:components/url_formatter/spoof_checks/) source code.
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).