https://github.com/grahamhelton/spoofpoint

Spoofpoint is a domain monitoring tool that allows you to generate a list of domains that are 1 character off of your domain (grahamhelton.com turns into -> grahamheIton.com ((The L is a capital I )), check a list of domains you already have, or check as single domain.
https://github.com/grahamhelton/spoofpoint

domain domain-monitoring security

Last synced: 5 months ago
JSON representation

Spoofpoint is a domain monitoring tool that allows you to generate a list of domains that are 1 character off of your domain (grahamhelton.com turns into -> grahamheIton.com ((The L is a capital I )), check a list of domains you already have, or check as single domain.

• Host: GitHub
• URL: https://github.com/grahamhelton/spoofpoint
• Owner: grahamhelton
• Created: 2021-07-27T17:34:15.000Z (almost 5 years ago)
• Default Branch: main
• Last Pushed: 2021-08-10T19:56:53.000Z (almost 5 years ago)
• Last Synced: 2023-08-20T04:24:39.158Z (almost 3 years ago)
• Topics: domain, domain-monitoring, security
• Language: Shell
• Homepage:
• Size: 521 KB
• Stars: 29
• Watchers: 1
• Forks: 3
• Open Issues: 1
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
 # What is this?

 Spoofpoint is a domain monitoring tool that allows you to generate domains names one character off of your domain that could have been registered by an attacker attempting to get a domain that looks like yours, check a single domain to see if it is registered, or check a precompiled list of domains to see if they exist.

# Install

### Debian 

 ```bash

sudo apt-get install whois bind9-dnsutils

git clone https://github.com/grahamhelton/spoofpoint 

cd spoofpoint

./spoofpoint -i  -d 

```

### Arch

 ```bash

sudo pacman -S whois bind9-dnsutils

git clone https://github.com/grahamhelton/spoofpoint 

cd spoofpoint

./spoofpoint -i  -d 

```

### MacOS (via [Homebrew](https://brew.sh/))

```bash

brew install bind

git clone https://github.com/grahamhelton/spoofpoint 

cd spoofpoint

./spoofpoint -i  -d 

```

# Usage

Generate domains names one character off of your domain that could have been registered by an attacker attempting to get a domain that looks like yours.

```bash

./spoofpoint -g 

```

![](/generate.gif)

Check a list of domains your already have.

```bash

./spoofpoint -i 

```

Check a single domain

```bash

./spoofpoint -d 

```

![](/example.gif)

# Who is this meant for?

This is meant for people who are tasked with defending an organization from potential phishing attacks via spoofed domains. There are more advanced free tools out there that use python to generate permutations of your domain such as [dnstwist](https://github.com/elceef/dnstwist) but this tool is a super quick and super lightweight to check up on some domains you are worried about.

 # Why is this better than 

It's probably not, but it does 95% of what those big companies do except it can be done for free in under 5 minutes.

Here are some free tools made by people in the community that are also cool!

- [spoofable](https://github.com/C0nd4/spoofable) <- Python from [C0nd4](https://github.com/C0nd4) 

- [PSGet-Domain-MailInfo](https://github.com/dotBATmanNO/PSGet-Domain-MailInfo) <- Powershell from [dotBATmanNO](https://github.com/dotBATmanNO)